Cyber Humanity

immersivelabs.com
The podcast taking cybersecurity personally


24: Next Stop: HackTown
Oct 14 • 47 min
We love stories about the Dark Web – and we’re apparently not alone in that. This week, we’re talking about HackTown, which seems to be Hogwarts for wannabe hackers (just without the…magic). HackTown promises to teach registrants how to become…
23: Watch Your Wrist: The Fitbit Spyware Special
Oct 9 • 45 min
This episode is a little different to normal – and all because Kev went poking around in Fitbit. Kev, doing what Kev does, found a flaw in the Fitbit App Store that allowed him to deliver a malicious application from fitbit.com, it…
22: Rotten to the Core?
Oct 2 • 46 min
First up in this week’s episode is news that, as part of its ‘notarization’ process, Apple approved code used by Shlayer, the most common threat faced by Macs last year. Is it reasonable to expect Apple – or any app store – to keep their entire ecosystem…
21: When Sysadmins Attack: The Snowden Edition
Sep 24 • 44 min
We want to talk about Edward Snowden. It’s harder than you would imagine, considering most of the Cyber Humanity team have at some point worked for government agencies and therefore can’t quite remember what they do and “don’t” know about him. Even so,…
20: Bugging Out Over Bounties
Sep 22 • 45 min
What’s been bugging the team recently? Slack’s bug bounty – if it can even be called that – causes some consternation in this episode and raises serious questions about bug bounty programs. The bug in question was classified as a ‘critical’ RCE…
19: Virus Vaccines and Secret Squirrels
Sep 16 • 38 min
We have a vaccine! No, not that one. The Emotet vaccine has been quietly doing the rounds over the last few months. Kev gives a nice overview of malware vaccines and how this particular one works. We also chat about circles of trust, old boys’ networks…
18: Who Watches The Watchmen?
Sep 2 • 34 min
If you notice the team being a little bit more careful with their words than usual, it’s because the topic of this episode is…a SANSitive one. We’ll leave it like that, shall we? We also chat about the NCC/CREST/GitHub debacle, which sparks debate over…
17: WastedDollar: The Garmin Edition
Aug 25 • 37 min
The dust from Garmin’s scrimmage with WastedLocker is just about settling – potentially at the cost of $10 million. Kev sheds light on the matter from a technical standpoint, and we learn why it’s really unlikely Garmin would have been able to…
16: Child’s Play: The Kids That Took Twitter
Aug 19 • 26 min
As you might have guessed from the title, the Twitter hack is the focus of this episode – specifically, the kids behind the attack. Why are youngsters so much more likely to turn to cyber crime? How can we guide them onto a more ethical path, while still…
15: Born to Ransom
Aug 12 • 46 min
He ransomware, she ransomware, they all ransomware! Yup, you guessed it: this week’s episode is all about ransomware. We start with Garmin’s interesting handling of their recent tryst with WastedLocker, which largely involved them saying nothing at all to…
14: Hack My Tweets Up
Aug 5 • 44 min
Imagine our surprise when we were casually browsing Twitter one evening and then got offered $2,000 for every $1,000 we sent to Jeff Bezos. Now that’s a good deal… Naturally our curiosity was piqued and in today’s episode we take a deeper look at this…
13: On your Huawei
Jul 31 • 41 min
The one that got Huawei. We discuss the controversy around the Chinese company and the role it plays in the UK’s network, which has been rumbling on for years. Now it seems to be coming to a head – and headlines proclaiming the potential for the ‘9/11 of…
12: Gimme F5
Jul 29 • 41 min
In this week’s episode, we take a look at the recent critical vulnerabilities in F5, which scored a perfect 10 CVSS score, and Kev sheds some light on what made it such a perfect storm. We also have a little think about why companies with the most…
11: The Right to Remain Hacked
Jul 22 • 40 min
In this week’s episode, we revisit the thin blue line, this time with a focus on a Wikileaks-style data dump called ‘Blue Leaks’. 270GB of police data – 24 years’ worth from over 200 departments – was leaked in what has been dubbed ‘a more transparent…
10: Telling Tails
Jul 15 • 40 min
In this episode, we take a look at some recent faux-pas that have been making headlines. Facebook helps develop a zero-day exploit in Tails to catch a prolific predator and then keeps it all very quiet. A South African bank discovers what happens when a…
9: Socially Spying.
Jul 8 • 29 min
In this episode we take a much closer look at the applications of Open Source Intelligence (OSINT) in both offensive and defensive operations, including Paul’s growing excitement about the dark web (mainly because he thinks it sounds like Geocities.…
8: Snakes in the Machine
Jul 1 • 46 min
Now it’s automotive giant Honda’s turn to fall victim to what seems to be a fairly crippling cyberattack. And while they aren’t giving anything away, it seems cloud malware analyzer VirusTotal did have enough accessible information to tip off security…
7: Better NSA no more.
Jun 24 • 40 min
We all really hope no government agencies are listening as Paul gets excited about a new career as a cyber vigilante. How do the police actually go about investigating cybercrime? And a lawsuit filed against Google says that it’s really Chrome’s Incognito…
6: Hype or Hacked?
Jun 18 • 38 min
Cyberattacks are the darling of both mainstream and industry media. But is this a double-edged sword? It seems like too often the hype around a new type of threat overtakes the real risk it poses. We take a cheeky look at some vulnerabilities from…
5: All the President’s Data?
Jun 16 • 37 min
This episode could be entitled: REvil III as they make a further unwelcome appearance on our show. Now they are demanding a huge ransom from no lesser figure than the President of the United States himself, does that make them terrorists? And Kev went…
4: The Gods of Malware.
Jun 11 • 43 min
It is weird that we each picked different threats to talk about and two of them were named after near-eastern gods, including the patron of lost souls and the helpless. Speaking of helpless, Max gets mired in a MAR. And just why are there so many bits of…
3: Masters of the Cyberverse.
Jun 9 • 41 min
There was much flailing of arms recently as an international examination body decided to rank a CISSP at the same level as a Master’s Degree. Kev flexes his honeypots and talks Saltstack. And Paul takes a closer look at a newly discovered Evil Maid with a…
2: Lock down, Zoom on.
Jun 5 • 42 min
The first of our episodes recorded in lockdown. We take a closer look at accusations of poor security thrown at Zoom, the plucky little video conferencing company that has eaten the world. Is it really all that bad or just a storm in the infosec…
1: Travelex: A post mortem.
Jun 2 • 30 min
At the dawn of 2020, foreign exchange company Travelex had something of a New Year cyber nightmare. In this episode we discuss what happened, how they responded and whether paying the ransom is ever the right thing to do.