Start / Hacker And The Fed / 48 billion and no 2fa what could go wrong

$48 Billion and No 2FA, What Could Go Wrong?

51 min • 7 augusti 2025

Chris and Hector break down the ransomware attack on Ingram Micro, exposing how a missing MFA on a VPN led to a massive breach. They also dig into the Department of Defense’s new CMMC rules and sound off on Microsoft’s $30 charge for Windows 10 security updates.

Join our new Patreon!

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.patreon.com/c/hackerandthefed⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

Send HATF your questions at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠questions@hackerandthefed.com

Senaste avsnitt

Smart Bed Backdoor, Crypto Heists, Router Hacks, and U.S. Cyber Command’s Stand Down

6 mars | 55 min

Inside a Ransomware Gang, Leaked Logs, a $1.4B Crypto Heist & Signal Under Attack

27 februari | 48 min

School Cyberattacks, Swatting as a Service, and Hector Rants on the Broken Cybersecurity Job Market

20 februari | 54 min

SSH Backdoors, the Decline of Ransomware Payments, and Hector Rants on a MASSIVE Insider Threat

13 februari | 55 min

Hacked Healthcare, Hacked Cars & The Hidden Risks of Modern Tech

6 februari | 49 min

ROSS ULBRICHT PARDONED, Plus Insider Threats, Corporate Security Risks, and A High-Profile Crypto Kidnapping

1 februari | 49 min

Holiday Reflections: Cybersecurity, Careers, and Christmas Cheer

26 december 2024 | 46 min

Yahoo Red Team Layoffs, North Korea Infiltrating U.S. Companies, Data Breaches, and Protecting your Medical History

19 december 2024 | 47 min

Telecom Hacks, Ransomware Fallout, Encrypted Chats, and a Diss Track Challenge

12 december 2024 | 46 min

DB Cooper, ExxonMobil & Corporate Espionage, and Ross Ulbricht's Potential Pardon

5 december 2024 | 45 min

A THANKSGIVING SPECIAL: Phishing Failures, Red Team Career Advice, and Cybersecurity Ethics

28 november 2024 | 47 min

Italian Hacking Scandal, NSA Best Practices, Insider Threats & a Former Anonymous Hacker?

21 november 2024 | 40 min

We're Back!

14 november 2024 | 30 min

The Colonial Pipeline Hack, the SEC's X Account, and Special Agent Aron Mann on Homeland Security and Cyber

31 januari 2024 | 94 min

A Train Hack, $80M Pig Butchering Scheme, and Greg Van Houten of Haynes Boone on the SEC's New Cybersecurity Disclosure Rules

21 december 2023 | 86 min

The FBI Shares Tactics of a Ransomware Gang, a Ransom Payment Fail, and Cyber Law with Lance Taubin

30 november 2023 | 84 min

The SolarWinds hack, North Korea IT Workers, Hackers Targeting a Data Company, and Listener Questions

26 oktober 2023 | 85 min

MOVEit and MGM Resorts Hacks, U.S. Senate's Email System Melts Down, Cisco Can't Stop Using Static Passwords, and Listener Questions

19 oktober 2023 | 85 min

Are Paying Ransoms Illegal? Ransomware Shuts Down a 158 Year Old Company, Fido2 Security Keys, and Hacktivist Rules

12 oktober 2023 | 75 min

Artificial Intelligence Doxxing in Viral Videos, Billions of Usernames and Passwords Exposed, and a HATF Contest

5 oktober 2023 | 72 min

Equifax Breach, a Hack of 27 Crypto Companies, and the Arrest of a Department of State IT Contractor

28 september 2023 | 73 min

Finding out our Relative is a Hacker, Working for the FBI, Prepping for a Technical Interview, and More Listener Questions

21 september 2023 | 71 min

Your Car and Your Sex Life, US Departments of State and Commerce Compromised, Iran and North Korea Hacking Crews, and Victories Over Russian Hackers

14 september 2023 | 65 min

The FBI's Operation "Duck Hunt" Takes Down a Botnet, NYC Subway Allows Users to be Tracked Online, and Why Chris Left the FBI

7 september 2023 | 89 min

Hacking Through a Fire Stick, a Danish Cloud Provider Loses all Their Customer Data, an Active Hacker Becoming a White Hat

31 augusti 2023 | 89 min

Demystifying Internet Honeypots and Getting into Cyber Security with Andrew Morris, Founder and CEO of GreyNoise

24 augusti 2023 | 51 min

Zoom and AI, the NSA and DARPA Presenting Challenges to the Cyber Security Community and Listener Questions

17 augusti 2023 | 94 min

Chinese Malware, a Year in Review of Zero-day Exploits, a Ransomware Study, and Listener Questions

10 augusti 2023 | 79 min

Authentication Attacks, US Government Domains, and New Cyber Incident Disclosure Guidelines

3 augusti 2023 | 73 min

Thousands of Intelligence and Defense Employees Exposed, a Hacker Infects His Own Computer, Google Accuses Apple Employee of Not Reporting a Zero-day

27 juli 2023 | 87 min

The Dangers of Googling Phone Numbers, an Attack on a Security Platform, and Typo Squatting on US Military Domains

20 juli 2023 | 83 min

Are Your Lightbulbs a Security Risk? Voice Authentication May be Broken, and Logistics Security

13 juli 2023 | 71 min

Your Car’s Data Might Be For Sale, a New Malware Payload Vector Using DNS, and Listener Questions

6 juli 2023 | 79 min

A Hack-Back Lands a CEO in Prison, Repo Jacking, and When to Use a VPN

30 juni 2023 | 73 min

A Massive Ongoing Ransomware Attack, Google Claims to Catch Chinese Hackers, and the Feds Arrest a Russian Hacker in Arizona

22 juni 2023 | 70 min

China's Tik Tok "God Credential" Allegation, a New Phishing and Email Takeover Campaign, and Listener Questions

15 juni 2023 | 66 min

Zero-click Exploits Attacking iPhones, PC Motherboards Downloading Malware, and a New Dutch Mandate

8 juni 2023 | 66 min

An Insider Exploits A Ransomware Attack, AI Photos, And Hector's Indonesian Hack

1 juni 2023 | 57 min

Pig Butchering And Crypto Crime-fighting With Erin West

25 maj 2023 | 48 min

Vehicle Location Data Leaked For Over 2 million Drivers, Another US Government Breach, And D.B. Cooper

18 maj 2023 | 60 min

Chinese State Hackers, Ransom Negotiation, And Listener Questions

11 maj 2023 | 60 min

Cyber Insurance With Michelle Chia, Head Of Cyber Insurance At Zurich North America

4 maj 2023 | 47 min

Search Engine Vulnerabilities, Ghost Tokens, Anna Kournikova

27 april 2023 | 58 min

The Classified Document Leak, A Hacker Gets Hacked, And Can A Video Silently Hack Your Phone?

20 april 2023 | 56 min

Hackers Stealing Your Car And Internet Bandwidth, And A Massive Corporate Security Breach

13 april 2023 | 61 min

City Cyber Security with NYC CISO Kelly Moan

6 april 2023 | 47 min

Who Can Read Your Emails, And Busting DDoS For Hire

30 mars 2023 | 61 min

Listener Questions: How To Protect Your Kids Online, Advanced Personal Cybersecurity, And What A “Red Team” Is

23 mars 2023 | 66 min

Jobs, Academics, And The Future Of Cybersecurity With Professor Bill Gardner

16 mars 2023 | 59 min

Fake Google Ads, Law Firms Under Attack, And The White House Announces New National Cybersecurity Strategy

9 mars 2023 | 52 min

A Leaked Ransomware Negotiation, Twitter Security, And NSA Best Practices For Securing Your Home Network

2 mars 2023 | 46 min

Insider Threat Attacks, Malware Used To Steal Crypto, And Hector’s Embarrassing Story

23 februari 2023 | 68 min

A Major Phishing Attack, TikTok In Texas, And FBI Customer Service

16 februari 2023 | 44 min

"Malvertising" and Stolen Background Check Data

9 februari 2023 | 48 min

The FBI Take Down Of Hive Ransomware Network & Questions About The FBI

2 februari 2023 | 54 min

2023 Hacking Predictions, Bug Bounty Hunters, And The Super Bowl Sunday Hack

26 januari 2023 | 50 min

Cyber In The News: Important Stories Slipping Under The Radar

19 januari 2023 | 51 min

Twitter's Data Leak, Russian Hacking Crew "Cold River", and Listener Questions

12 januari 2023 | 61 min

Cell Phone Eavesdropping, Tupac and Biggie in New Zealand, and Botnets

5 januari 2023 | 49 min

Cyber Warfare With Special Guest Jeffrey Carr

29 december 2022 | 50 min

The Perspective Of A Hacker, Questions For Sabu

22 december 2022 | 64 min

The Infamous Shadow Brokers and Apple's New Security Posture

19 december 2022 | 50 min

CISA’s Small Business Security Guidance and Listener Questions

8 december 2022 | 56 min

Sabu and Recursion Face to Face, Former Hackers Reunite Over War Stories

1 december 2022 | 58 min

Hector's Decision To Work With The FBI

24 november 2022 | 44 min

The Silk Road Bitcoin Hack

17 november 2022 | 26 min

The Dropbox Hack And Questions About The FBI

10 november 2022 | 47 min

NSO Group’s Pegasus & IRC Wars

3 november 2022 | 46 min

Cyber Security Whac-A-Mole, Getting Arrested By The FBI, And Protecting Your Small Business

27 oktober 2022 | 44 min

Social Engineering & "Vishing"

20 oktober 2022 | 32 min

The Origin Story

13 oktober 2022 | 56 min

Introducing Hacker And The Fed

12 oktober 2022 | 3 min

$48 Billion and No 2FA, What Could Go Wrong?

Senaste avsnitt

$48 Billion and No 2FA, What Could Go Wrong?

Your Favorite Game Just Stole Your Crypto

Zero Trust, Many Fails: Government Cybersecurity Exposed

McDonald’s Has Been Compromised

Are We Losing the Cyber War?

Arrests, Airline Breaches, and the Human Side of Hacking

Burning Millions and Breaking MFA

Your AI Assistant Just Betrayed You

We Fixed Cybersecurity (You're Welcome)

The $400 Million Mistake, Router Invasions, and Crypto Chaos

Backdoors, Breaches, and Bitcoin

SIM Swaps, Insider Threats & the Rise of 'Zishing'

LulzSec, LockBit & the Price of Weak Security

Joe Rogan, Ross Ulbricht, and the $1 Billion Disney Hack

Credential Theft, InfoStealers, and the Rise of Cyber Snake Oil

DOGE Drama, Digital Grit, and CVE Chaos

Starlink Bugs, Bank Regulator Breach, and the LastPass Fallout

Oracle Breach, MGM Hacker Busted, North Korean IT Scams

Telecom Hacks, AI Fears, and the Quantum Threat – Plus, Hector Rants!

Hacks, Heists, and the Rise of Digital Deception

Smart Bed Backdoor, Crypto Heists, Router Hacks, and U.S. Cyber Command’s Stand Down

Inside a Ransomware Gang, Leaked Logs, a $1.4B Crypto Heist & Signal Under Attack

School Cyberattacks, Swatting as a Service, and Hector Rants on the Broken Cybersecurity Job Market

SSH Backdoors, the Decline of Ransomware Payments, and Hector Rants on a MASSIVE Insider Threat

Hacked Healthcare, Hacked Cars & The Hidden Risks of Modern Tech

ROSS ULBRICHT PARDONED, Plus Insider Threats, Corporate Security Risks, and A High-Profile Crypto Kidnapping

Holiday Reflections: Cybersecurity, Careers, and Christmas Cheer

Yahoo Red Team Layoffs, North Korea Infiltrating U.S. Companies, Data Breaches, and Protecting your Medical History

Telecom Hacks, Ransomware Fallout, Encrypted Chats, and a Diss Track Challenge

DB Cooper, ExxonMobil & Corporate Espionage, and Ross Ulbricht's Potential Pardon

A THANKSGIVING SPECIAL: Phishing Failures, Red Team Career Advice, and Cybersecurity Ethics

Italian Hacking Scandal, NSA Best Practices, Insider Threats & a Former Anonymous Hacker?

We're Back!

The Colonial Pipeline Hack, the SEC's X Account, and Special Agent Aron Mann on Homeland Security and Cyber

A Train Hack, $80M Pig Butchering Scheme, and Greg Van Houten of Haynes Boone on the SEC's New Cybersecurity Disclosure Rules

The FBI Shares Tactics of a Ransomware Gang, a Ransom Payment Fail, and Cyber Law with Lance Taubin

The SolarWinds hack, North Korea IT Workers, Hackers Targeting a Data Company, and Listener Questions

MOVEit and MGM Resorts Hacks, U.S. Senate's Email System Melts Down, Cisco Can't Stop Using Static Passwords, and Listener Questions

Are Paying Ransoms Illegal? Ransomware Shuts Down a 158 Year Old Company, Fido2 Security Keys, and Hacktivist Rules

Artificial Intelligence Doxxing in Viral Videos, Billions of Usernames and Passwords Exposed, and a HATF Contest

Equifax Breach, a Hack of 27 Crypto Companies, and the Arrest of a Department of State IT Contractor

Finding out our Relative is a Hacker, Working for the FBI, Prepping for a Technical Interview, and More Listener Questions

Your Car and Your Sex Life, US Departments of State and Commerce Compromised, Iran and North Korea Hacking Crews, and Victories Over Russian Hackers

The FBI's Operation "Duck Hunt" Takes Down a Botnet, NYC Subway Allows Users to be Tracked Online, and Why Chris Left the FBI

Hacking Through a Fire Stick, a Danish Cloud Provider Loses all Their Customer Data, an Active Hacker Becoming a White Hat

Demystifying Internet Honeypots and Getting into Cyber Security with Andrew Morris, Founder and CEO of GreyNoise

Zoom and AI, the NSA and DARPA Presenting Challenges to the Cyber Security Community and Listener Questions

Chinese Malware, a Year in Review of Zero-day Exploits, a Ransomware Study, and Listener Questions

Authentication Attacks, US Government Domains, and New Cyber Incident Disclosure Guidelines

Thousands of Intelligence and Defense Employees Exposed, a Hacker Infects His Own Computer, Google Accuses Apple Employee of Not Reporting a Zero-day

The Dangers of Googling Phone Numbers, an Attack on a Security Platform, and Typo Squatting on US Military Domains

Are Your Lightbulbs a Security Risk? Voice Authentication May be Broken, and Logistics Security

Your Car’s Data Might Be For Sale, a New Malware Payload Vector Using DNS, and Listener Questions

A Hack-Back Lands a CEO in Prison, Repo Jacking, and When to Use a VPN

A Massive Ongoing Ransomware Attack, Google Claims to Catch Chinese Hackers, and the Feds Arrest a Russian Hacker in Arizona

China's Tik Tok "God Credential" Allegation, a New Phishing and Email Takeover Campaign, and Listener Questions

Zero-click Exploits Attacking iPhones, PC Motherboards Downloading Malware, and a New Dutch Mandate

An Insider Exploits A Ransomware Attack, AI Photos, And Hector's Indonesian Hack

Pig Butchering And Crypto Crime-fighting With Erin West

Vehicle Location Data Leaked For Over 2 million Drivers, Another US Government Breach, And D.B. Cooper

Chinese State Hackers, Ransom Negotiation, And Listener Questions

Cyber Insurance With Michelle Chia, Head Of Cyber Insurance At Zurich North America

Search Engine Vulnerabilities, Ghost Tokens, Anna Kournikova

The Classified Document Leak, A Hacker Gets Hacked, And Can A Video Silently Hack Your Phone?

Hackers Stealing Your Car And Internet Bandwidth, And A Massive Corporate Security Breach

City Cyber Security with NYC CISO Kelly Moan

Who Can Read Your Emails, And Busting DDoS For Hire

Listener Questions: How To Protect Your Kids Online, Advanced Personal Cybersecurity, And What A “Red Team” Is

Jobs, Academics, And The Future Of Cybersecurity With Professor Bill Gardner

Fake Google Ads, Law Firms Under Attack, And The White House Announces New National Cybersecurity Strategy

A Leaked Ransomware Negotiation, Twitter Security, And NSA Best Practices For Securing Your Home Network

Insider Threat Attacks, Malware Used To Steal Crypto, And Hector’s Embarrassing Story

A Major Phishing Attack, TikTok In Texas, And FBI Customer Service

"Malvertising" and Stolen Background Check Data

The FBI Take Down Of Hive Ransomware Network & Questions About The FBI

2023 Hacking Predictions, Bug Bounty Hunters, And The Super Bowl Sunday Hack

Cyber In The News: Important Stories Slipping Under The Radar

Twitter's Data Leak, Russian Hacking Crew "Cold River", and Listener Questions