Podcast Episode 5: Fake Ads, Insider Threats, and a Big Data Dump

Posted in: Resources » Unmasked

In this thrilling episode of Unmasked, our cybersecurity superheroes plunge headfirst into the late August headlines to uncover the most cutting-edge and formidable cyberattacks. Fasten your seatbelts and ensure your hands remain securely inside the vehicle as we embark on an exhilarating journey through the world of cybersecurity.

Along our path, we’ll make intriguing stops, including a detour through the realm of deceptive Amazon ads on Google, an exploration of Tesla’s security breach stemming from an insider threat, and a stealthy incursion targeting the renowned international snack-maker, Mondelez, by way of a third-party partner. You might recognize Mondelez from their household snack brands like Ritz and Honey Maid. All this and much more await you in this week’s gripping episode.

You can subscribe to Unmasked on Spotify, Amazon, or wherever you get your podcasts. 

Show notes

Headlines for beginning of August 

  • Classic Tech Support scam 
  • But done in clever way 
  • Data leaked to German media 
  • Former employees behind the breach 
  • Employees misappropriated the information 
  • IABs 
  •  initial access through VPN or RDP 
  • privileges associated with the access accounts ranged from cloud administrator (14 cases) to local admin (5 cases) and domain user (2 cases) 
  • positive side effects, such as uncovering areas that need stronger security or identifying devices, services, and accounts that could pose a risk. 
  • Mondelez International – Parent company for Oreo and Ritz Crackers and many others 
  • 51,000 of its past and present employees that their personal information has been stolen from a law firm hired by the Oreo and Ritz cracker 
  • Mondelez was among the global companies hit in the NotPetya outbreak — and it recently settled its lawsuit against Zurich American Insurance Company, which it brought because the insurer refused to cover Mondelez’s $100-million-plus cleanup bill 
  • data may have been compromised for 24 months.