The Dangers of Googling Phone Numbers, an Attack on a Security Platform, and Typo Squatting on US Military Domains

This week on Hacker And The Fed you can't always count on Google for the right telephone number for an airline, an American cloud based directory as a service platform announces that they were hacked by a state sponsored threat actor, millions of US military emails may be ending up in the wrong hands, a new ransomware looks like a windows update, we answer listener questions, and Hector tells a fascinating story about a hacking methodology. Links from the episode: Airline Fake Contact Number on Google Maps https://twitter.com/Shmuli/status/1680669938468499458 https://twitter.com/SwiftOnSecurity/status/1680926780599812098   JumpCloud discloses breach by state-backed APT hacking group https://www.bleepingcomputer.com/news/security/jumpcloud-discloses-breach-by-state-backed-apt-hacking-group/ JumpClouds IOCs - https://jumpcloud.com/support/july-2023-iocs   Domains like army․ml, pentagon․ml, navy․ml and af․ml all have Mail Exchange records pointing to 'handle․catchemail․ml' https://twitter.com/mikko/status/1680947795862200325   Watch out for this new malicious ransomware disguised as Windows updates https://www.foxnews.com/tech/watch-out-new-malicious-ransomware-disguised-windows-updates https://www.trendmicro.com/en_id/research/23/g/tailing-big-head-ransomware-variants-tactics-and-impact.html   Listener Questions https://www.lsu.edu/mediacenter/news/2023/06/13-cyber-clinic.php   Support our sponsors: Go to JoinDeleteMe.com/FED and use the code FED20 for 20% off Go to drata.com/partner/hacker-fed and get 10% off Drata and waived implementation fees Get your Hacker and the Fed merchandise at hackerandthefed.com