Podcasts about Adobe Bridge

[Referências do Episódio] November 2024 Security Updates - https://msrc.microsoft.com/update-guide/releaseNote/2024-Nov  APSB24-77 : Security update available for Adobe Bridge - https://helpx.adobe.com/security/products/bridge/apsb24-77.html  APSB24-83 : Security update available for Adobe Audition - https://helpx.adobe.com/security/products/audition/apsb24-83.html  APSB24-85 : Security update available for Adobe After Effects - https://helpx.adobe.com/security/products/after_effects/apsb24-85.html APSB24-86 : Security update available for Adobe Substance 3D Painter - https://helpx.adobe.com/security/products/substance3d_painter/apsb24-86.html  APSB24-87 : Security update available for Adobe Illustrator - https://helpx.adobe.com/security/products/illustrator/apsb24-87.html  APSB24-88 : Security update available for Adobe InDesign - https://helpx.adobe.com/security/products/indesign/apsb24-88.html APSB24-89 : Security update available for Adobe Photoshop - https://helpx.adobe.com/security/products/photoshop/apsb24-89.html  APSB24-90 : Security update available for Adobe Commerce - https://helpx.adobe.com/security/products/magento/apsb24-90.html  FG-IR-24-199 - Named Pipes Improper Access Control - https://fortiguard.fortinet.com/psirt/FG-IR-24-199  FG-IR-24-144 - Privilege escalation via lua auto patch function - https://fortiguard.fortinet.com/psirt/FG-IR-24-144  FG-IR-23-475 - FortiOS - SSLVPN session hijacking using SAML authentication - https://fortiguard.fortinet.com/psirt/FG-IR-23-475  FG-IR-23-396 - Readonly users could run some sensitive operations - https://fortiguard.fortinet.com/psirt/FG-IR-23-396  (non-US) DSL-6740C :: All H/W Revisions :: End-of-Life / End-of-Service :: CVE-2024-11068 - Unauthorized Configuration Access Vulnerability - https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10414  APT Actors Embed Malware within macOS Flutter Applications - https://www.jamf.com/blog/jamf-threat-labs-apt-actors-embed-malware-within-macos-flutter-applications/ ModeLeak: Privilege Escalation to LLM Model Exfiltration in Vertex AI - https://unit42.paloaltonetworks.com/privilege-escalation-llm-model-exfil-vertex-ai/  Hamas-affiliated Threat Actor WIRTE Continues its Middle East Operations and Moves to Disruptive Activity - https://research.checkpoint.com/2024/hamas-affiliated-threat-actor-expands-to-disruptive-activity/  LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign - https://blogs.blackberry.com/en/2024/11/lightspy-apt41-deploys-advanced-deepdata-framework-in-targeted-southern-asia-espionage-campaign  Visionaries Have Democratised Remote Network Access - Citrix Virtual Apps and Desktops (CVE Unknown) - https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/  Roteiro e apresentação: Carlos Cabral e Bianca Oliveira Edição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia

Listen to Chad and and Dax talk about the accessibility problems that are created when typed hyperlinks span multiple lines. We give you the reasons why it happens and some workarounds to fixing it or planning for them. Make sure you listen until the end learn how to set alt-text using Adobe Bridge and our thoughts on captions and alt-text uses. You will learn when to use either. Are you using them correctly?

Our guest Caroline Desrosiers of Scribely joins us to talk about her role in the upcoming Adobe Bridge update for accessible meta data. She also discusses why alt-text can be so challenging and even reveals some of the questions her team uses to create meaningful descriptions.  

Jules, Rachel, and Stephanie discuss how to organize your electronic files - why it is needed and some ideas....get a pen and paper for this one! Key talking points:  Organizing our electronic files is also a BIG topic of organization/reorganization.  Jules uses OneDrive Rachel uses iDrive Stephanie uses Google Drive, iCloud,  3-2-1 rule is 3: Create one primary backup and two copies of your data. 2: Save your backups to two different types of media. 1: Keep at least one backup file offsite. 10 Tips to Keep Your Electronic Files Organized During this conversation, we review and discuss the article "10 File Management Tips to Keep Your Electronic Files Organized" article by Susan Ward of "The Balance Small Business" website.  Be prepared to giggle at how nutty we are! 10. Backup your files regularly 3-2-1 rule is 3: Create one primary backup and two copies of your data. 2: Save your backups to two different types of media. 1: Keep at least one backup file offsite. 9. Cull your files regularly - after Rachel explains what "cull" means - we discuss what files we can remove or archive files.  Artists - do not delete reference images.  8. Order your files for your convenience.  7. File as you go.  Name things properly and apply keywords (Adobe Bridge is a fabulous tool to use) 6. Be specific in your file naming.  Be sure to document HOW you are going to name your files. 5. Follow the naming conventions. Be sure to document HOW you are going to name your files. 4. Nest your folders (example: Artwork and subfolder Collection Title/Subject) - we start to nerd out a bit at this point :) 03_Marketing - 03a_Pitches, 03b_Instagram, etc... 3. Create Folders in a logical structure.  Another example: 2021_Pet Portrait - Client Name_Pet Name Reference Image Finished Image Social Media Images 2021_People Portrait Client Name_Subject Name Reference Image Finished Image Social Media Images 2.  Make sure you document the structure that you will have in place.  Love the SOPs! 1. Use the default installation folder drive Email us how many times you organize your studio and what do you use to organize your electronic files at hello@artistssoar.com  Rise with us! On Artists Soar! Resources Mentioned iDrive OneDrive KeePass - manages all the password SOP - Standard Operating Procedures, Positive Painter Art Business Members will have access to an advanced time management course that includes SOP templates and curriculum.  Adobe Bridge for managing files and assigning keyword Our Websites and Shops Stephanie:  https://www.stephanieweaverartist.com/ https://www.etsy.com/shop/artfurpaws   Julie:  https://www.juliemstudios.com/ https://www.etsy.com/shop/peacockblueart   Rachel:  https://bubblybibbly.com/  https://www.etsy.com/shop/BBStudioShop  https://www.etsy.com/shop/mothersrecipes   Got a Listener Question?  Email us at: hello@artistssoar.com  

If you're looking for the motivation, apps, and process to get your digital photos sorted once and for all, this ep where we interview Carly Michael is for you. About Carly Michael Carly Michael has spent her whole life surrounded by photos having grown up in her family's camera store - Michaels Camera Video and Digital in Melbourne's CBD. When covid hit, the family decided to close the store so she took the opportunity to become a professional photo organiser - something she had developed a passion for during her time managing the family's photo lab. She now spends her days organising both physical and digital photos, helping people get back in control of their photo mess! Digital photos made the top five life admin pain points in our 2021 community survey and while Dinah has had her photos sorted for some time until we recorded this ep Mia felt like there would never be enough time or motivation in the world for her to get her photos into a format that other people can actually access and enjoy. After the interview Mia downloaded the apps suggested, they did their magic, and her photos are finally organised. Carly starts the interview by talking about her background and how she became interested in the digital dark age. The digital dark age is a concern that, as technology advances, we will lose access to photos and other data as our current media (including hard drives and USBs) are not designed to last. Mia and Carly discuss how setting yourself a deadline and having a photo project as a goal will give you the motivation Carly discussed the key characteristics of an organised photosystem being: organised - chronologically is the easiest centralised  accessible - ideally on your phone backed up  (consider the 3-2-1 system -  3 copies of your photos,  stored in 2 locations with 1 of those being off site) Carly discusses the risks around cloud storage (eg Google's recent change to its terms and conditions that states If you're inactive for two years Google may delete the content. She also discusses the importance of distinguishing between a back-up and a sync. The key steps to get your photos organised are: Gather - Make a list of all your photos (including on devices and in the cloud)and gather them into one physical location Centralise - Put all your digital photos into a central hub - ideally using a hard drive. If you have issues extracting photos consider using Dropbox. It is also useful as a backup Back Up - Carly recommends using BackBlaze Deduplicate - Get rid of duplicates - Carly recommends using Photosweeper for a Mac and Duplicate Cleaner Pro for a PC Organise your photos (folderise them) - Carly recommends using Big Mean Folder Machine for Macs and Photomove for PC. If you run into issues with dates you can use Adobe Bridge to assist with finding the original dates Maintain - consider using dropbox to make a backup of your photos from your phone (not a sync) until you reorganise them. Then create a habit (perhaps by pairing with another regular task) to make sure you oragnise your folders on a regular basis. Also consider changing your behaviour to curate your collection as you go. Adopt the same mindset as you had when you took photos with film. Carly also discusses scanning hardcopy photos - noting that if you are going to scan photos you want to scan once and to the quality you want. You can scan photos using your phone with apps such as photomyne, however, the quality will be limited. She notes that if you are going to scan you want to organise as you scan. Carly also recommends changing your photo setting on your iPhone from HEIC to JPG and not using the Live feature. RESOURCES PhotoGenie - Digital Reset Service Back Blaze - Backup service  Photosweeper - to deduplicate photos on a Mac Duplicate Cleaner Pro - to deduplicate photos on a PC Big Mean Photo Machine - to organise photos on a Mac Photomove - to organise photos on a PC Adobe Bridge Dropbox Camera upload Photomyne - app to scan photos from your phone SHARE Please head to the Life Admin Life Hacks Facebook,  Insta or Linked In pages to connect with listeners and share your thoughts, questions or suggestions.

In this interview Blake Rudis of F64Academy.com joins the show to explain why he thinks Adobe Bridge is the superior option to Adobe Lightroom. The post Adobe Lightroom vs Bridge! appeared first on This Week in Photo.

In this interview Blake Rudis of F64Academy.com joins the show to explain why he thinks Adobe Bridge is the superior option to Adobe Lightroom. The post Adobe Lightroom vs Bridge! appeared first on This Week in Photo.

Welcome to Episode 149 of my podcast interview from the crow's nest. And it is Monday second of November, 2020. Today, today was it is Monday, so it's getting back to normal and trying to get back on with work and trying to sort things out some reason we were really tired this morning, maybe it was all the fresh air of yesterday, but took a little while to get going. And it's the beginning of the month. So, that means, the first thing to do is sort out financial stuff and, you know, Tally everything up and send out invoices and all of that business. That pretty much took up a good few hours of my morning, my desktop computers stopped downloading anything, and I can't get the second monitor to work and it's right pain so I went back to my laptop, and at least I've got a second monitor my laptop is working with a laptop just fine. So, that took me a while to reconfigure my desk and get everything ready for that. And then I spent a little bit of time learning which I haven't done in a while, which is always very enjoyable. Photography there's a programme called Adobe Lightroom, which is what I use to edit most of the photos, and then between Lightroom and also another programme called Adobe Bridge. They are like, often used by photographers because you can catalogue and put your photos in order and tag and geo locate and all that stuff, stuff that I've never done. So I thought today right let me get my head around Adobe Bridge and what I should be doing for my workflow, because I want to take it more seriously that Sofia wants to do more stuff. And, you know, release more photos. And so I thought it would probably be wise to start getting myself a bit more professionally minded with my workflow so I spent a bit of time doing that. And then, then I did all the other stuff financial stuff, checking out some stuff for clients, looks like we've got another client coming and war for audience ninja which is really excellent another musician, which is exactly what we want. So, that's cool and also much needed revenue as well so that's positive. And then I downloaded a couple of new tools, new toys musically, some software. So, I was they were given away free which is great and they're both really really good. One of them is a company that did a recording of the British, the BBC Symphony Orchestra. So it's like orchestral sounds basically and it sounds fantastic. And the other one is like, kind of keyboard sounds bass cures whole old keyboard stuff, but their idea was that straightaway you just get cool sounds which you kind of can feel inspired by. And so I thought, let me just see and True enough, I wrote a little short very short piece of music by taking a drum beat from my new little birthday present that I bought myself, which was various different drum beats and different styles. So this was a jazz beat, and then that new keyboard plugin I put this kind of like whirly keyboard thing which sounds really cool and kind of chilled and Jazzy, and then with the BBC Symphony Orchestra wrap. Let's try with that so I put a little. Some cellos in, and then a bit of horn. And it sounds really cool. So, that was a a successful test of these new toys and be good because it means I reset up my music stuff so I can write again and see, it's just a reminder okay how do I plug everything in how's it work okay yep. Now, um, you know that helps me to slowly get my head back into the music game which is what I really want to do so. Today we also bought my insurance my health insurance, which now opens up, me being able to get my residency. So hopefully I'll get my residency and possibly even this week, we found out about transferring my driver's licence to an Italian one that may well be able to do that a bit more easily than we thought. I mean still jumping through hoops they'll still be costs, but we might be able to go direct to the kind of like motor, Office of the region rather than going through driving schools and third parties and whatnot, whi --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/theviewfromthecrowsnest/message Support this podcast: https://anchor.fm/theviewfromthecrowsnest/support

Welcome!   Today there is a ton of stuff going on in the world of Technology and we are going to hit a number of topics from being aware of fake sexual harassment claims being used to mask malware to the advantages and disadvantages of future military technology, and why everyone should be using multi-factor authentication -- so stay tuned. For more tech tips, news, and updates visit - CraigPeterson.com --- Related Articles: Don’t Take The Bait - Fake Sexual Harassment Claims Can You Detect A Phishing Attempt? Vulnerability in Popular Anti-Virus Program Bots Losing Panache as Cybercriminals Hire In Third World Not If, But When -- Don’t Think You Are Not A Target Big Tech Has Your Private Medical Records -- Through Hospital Partnerships    Future Defense and Military Tech Best Practices in Authentication Still Mostly Ignored By Businesses --- Automated Machine-Generated Transcript: Craig Peterson 0:05 Hello everybody! Craig Peterson here. Welcome. Welcome, you are listening to me on WGAN and online at Craig Peterson dot com. Thanks for joining me. Today we are going to be talking about some of the most important things that are happening in technology as we do every week and more particularly what's going on in this security realm. We'll talk about how you can detect if it's a phishing site that you have gone to, New malware from TrikBot here, a brand new one. Some complaints here about McAfee. Every piece of anti-virus software McAfee makes has vulnerabilities. We'll talk about that major, major security problem. We've got an accounting fraud here and how it's getting harder to detect and Why we have breaches? You know, I talked to so many people, I have a lot of customers, a lot of business customers. And they're sitting there saying, Well, you know, this is all inevitable. So what should I do about that? We'll talk about that. Google, you might have heard of project Nightingale. We'll get to that today as well. Defense firms are on track to make some very, very scary hardware. We'll talk about that as well as some of the myths of multi-factor authentication. And there are a lot of myths out there about all kinds of this security stuff, frankly, but let's start with our friends at Microsoft. I bet you thought I was going to say Apple, didn't you? Well, we had a big patch day, Patch Tuesday, and it fixed 13 critical flaws this week, and one zero-day vulnerability. Let's start by explaining what a zero-day is. In this case, we're talking about a zero-day attack, which refers to a vulnerability that is undetectable by any current antivirus software or anti-malware software that has seen this particular problem before. Now you noticed that made a difference a distinction between anti-virus and anti-malware, right? Because anti-virus software behaves in a certain way. Anti-malware behaves well, frankly, a little bit differently. So what are the pros? What are the cons? What's the difference between antivirus and anti-malware? Well, as a general rule here, anti-virus is a subset of anti-malware. Anti-virus is something that we're doing now will probably continue to do forever. Still, it does not catch me. Most of the nastiness that's out there today, anti-virus is you know, at best release Some people would say zero percent effective, but I give it the kind of the benefit of the doubt. And it's about 20% effective. So if you have antivirus software, it's only useful about 20% of the time against all of these different types of attacks, it's probably close to 10%. If you pull in the human element into all of this, anti-malware software behaves a lot differently than antivirus software. Some of it is whitelisting, where it knows this is a legitimate piece of software that was not modified. So it allows it to run that on one side. These are quite difficult to keep up to date because you have to continually monitor what's going on in what the software upgrades are. What the checksums of that new version of the software are, their libraries, are they all legitimate all those DLL files and everything else they're using. It gets pretty darn complicated from the whitelist listing side. And there's a couple of companies that do whitelist. Some of them, frankly, do better than others. Craig Peterson 4:07 Some of them, in reality, isn't even really doing whitelisting when you get right down to it. And then there is the next level up, which is the anti-malware software. And anti-malware is software that looks at the behavior typically of what's going on. And there are there's software out there right now malware this designed to fool the anti-malware software to so it looks at it and says, Okay, this just installed Wait a minute, started opening a bunch of files. Wait a minute, is writing to a bunch of files. Wait a minute, and it's changing all these file names. That's the type of behavior that would be typical of ransomware. Good anti-malware software looks at the behavior of a program as it is opening all kinds of part the TCP/IP packets, that are trying to use a network to get to all of these other computers that are out there on the network. What is it doing? How is it doing? Why is it doing all of that? That's good anti-malware software. So it will do all of that it looks at checksums, it looks at just all kinds of things. And it typically has about a 10% performance penalty on your computer, and it can be a little bit higher than that. But it's they're busy looking at everything, examine everything trying to figure out what to do. So we have anti-malware software out there, as well as anti-virus. Those are the two significant types of software you'll put on to your computers. And frankly, anti-malware like well we use has multiple layers of software, and it ties into external databases and, and Cisco Telos to get updates and everything else. So that's what we use us what we do. So, in this case, we're talking about a zero-day Hack against some of this Microsoft software. So what does that mean? Well, that means that we're as of right now, none of the antivirus software knows how to detect this as a virus, none of it. That's zero-day, it's day zero. So tomorrow will be zero-day plus one, right? So day one of this out in the wild. And Microsoft, with their Patch Tuesday, decided they would plug 73 security vulnerabilities in their software products, including 13 of them, given the top level of a critical security vulnerability. And I guess it's kind of fortunate that this month only one of the flaws is known to be exploited. And this is a CV, that's what they're called that scripting engine vulnerability and Internet Explorer, and the sooner they get rid of Internet Explorer entirely, the better off everybody lives. Everybody's lives will be IE; they built it into the kernel so that they could have more control over it. You might remember the lawsuit against Microsoft saying, Oh, you can't ship a web browser that's integrated right into the kernel. Because now, you make it so that none of the other web browsers can work on internet XP on Windows, which was right in the very beginning. And you're blocking us out of there, and thereby it's anti-competitive, you know, it's all true. Now, IE because it's inside all these versions of Windows, these vulnerabilities can affect users who are no longer even using Internet Explorer at all. In other words, you don't have to launch the browser. You don't have to go out to the internet. You could get nailed on it right away. Okay. Now Microsoft Office is using the same rendering engine that has this vulnerability that internet access Laura has, and it can be embedded and in fact, triggered by an active x control on a booby-trapped web page. Active x is one of the worst things Microsoft could have ever done. It's right up there with some of the vulnerabilities and flash and Java. You know, are you kidding me you allow a web page to run code on a machine. And they at least they have markers on it, but it can be Mark now was safe for installation. The whole thing's crazy. I still don't understand Microsoft, and what they're doing here. Craig Peterson 8:36 So bottom line, make sure you do your update. I checked right before I went on air, and there aren't any significant problems that have been found with the updates here for November from our friends at Microsoft. They're often are. We also had this week, and some more patches come out from our friends, my friends, and yours from Intel. Now Intel makes a lot of the computer chips that are inside our computers, mainly for using a Windows machine. But Macs use Intel chips to, although they don't have to, I don't know why Apple went with Intel, you know, my guess was it was less expensive. And Intel also had some outstanding power performance numbers saw, you know, I can't blame them. But we have a bunch of patches that came out from Intel, that make all of their CPUs almost every processor they've made in the modern era is entirely vulnerable. Craig Peterson 9:39 And that's a terrible thing, including vulnerable not just on your desktop, but vulnerable in all kinds of operating systems and data centers. So, if you think hey, listen, I went ahead, and we moved all of our stuff to the cloud. They are just taking care of because it's in the cloud. Microsoft knows what they're doing. The answer to that is, well, they kind of know what they're doing. But they're stuck with this Intel vulnerability. There will be more patches coming out according to the people that found these vulnerabilities in every model of Intel CPU, Major, major, vulnerabilities. According to these people, there are more than Intel hasn't passed on yet for whatever reason. It's really, it's kind of crazy, frankly. So we got Microsoft patches for some major ones. This week. We've got Intel patches, some major ones this week, we've got Adobe patches that are out as well. So make sure you do the upgrades. I'm not going to go into all the details here. Man Adobe light set of patches this month only 11 security vulnerabilities from Adobe and Adobe Bridge, animate illustrator, and Media Encoder. Two months in a row where there are no patches for Flash Player. I'm not sure what that's about if they keep happening with flash player or if something else is going on. All right, stick around. We're going to be right back. You, of course, listening to Craig Peterson here on WGAN, make sure you visit me online at Craig Peterson dot com. We've had a few pop-up-trainings already. I'm doing some Facebook Lives and getting information out, and you'll only find out about them if you're on my regular email list. Craig Peterson dot com slash subscribe, and all of today's articles are up there as well. And there's a sign up right there too. So make sure you sign up to find out about all of the latest that you need to know. Craig peterson.com, when we come back, we're going to talk about chick bought something new going on out there trying to get us to do something we just shouldn't be doing. Stick around. We'll be right back. Craig Peterson 12:02 Hey, welcome back, everybody. Craig Peterson here, little beach music. I was out for the last week and a half out at a conference in Phoenix, Well I guess isn't exactly near the beaches is it, but it was sure nice and warm. And then I got back home, and you know what's happening up here in the northeast? Yeah, a little bit of cold weather. Some of it's a little too cold for my liking. You know, it just came on so fast. We were like in the 60s and 70s. And then all of a sudden it's like the 30s and 40s. I don't know what's going on. Well, let's talk about this TrikBot. It is a new malware that's out there. I've spoken to many times here on the show about what the FBI has been warning businesses, which is the business email compromise. You probably heard of that before bc we're talking about something that's cost businesses. Well over 10 billion, I think it's over $14 billion now. And we're not just talking about a little waste of time. No, we're talking about these guys and gals going right after our business bank accounts. And the way they do it is they're kind of sneaky about it, they get and get you to, to basically for the money, right to wire the money to do other things that are going to hurt your business. You may not realize it at the time, and they're just trying to fool you. Right. So how do you fool someone? And I know I know you can't fool an honest man. I've heard that so many times in the past, and there's a lot of truth to that. But here's what they're starting to do now. And you might have gotten one of these. I have had several listeners reach out to me. I and quite a few saying hey, I just got this email chain that, you know it's it's got a video of me visiting this, this nasty website out there right so you guys are probably heard about that one before it's been around a little while. Well, now what's happening is they are sending an email that appears to come from the US Equal Opportunity Commission. This email is saying that wait a minute here, and we have a sexual harassment complaint against you. Now I understand as a business owner, how this can be kind of crazy. And I owned a building, a business office that I had my business running out of, little more than 20 years, maybe a little longer. Ago now. And that business office, I put in doors, and all of the doors were floor to ceiling glass because I didn't want anybody saying that I was harassing somebody or doing something illegal. Now, of course, I, you know, we didn't have microphones and cameras and things. But I just wanted everyone to feel reasonably comfortable that no one was going to corner anybody. And, you know, I think I was kind of mostly successful about that one of these days or forever sitting down having a beer, you might want to ask me what happened there. But anyway, this is something called Trikbot, and it's a banking Trojan. And it's going after employees of large companies. And it's trying to scare these employees into thinking that the US equal Equal Employment Opportunity Commission EOC is coming after them. And they are trying to get them to and are being reasonably successful in having them handing over sensitive information. And they're using a bunch of different social engineering techniques, including malicious payloads or redirecting them to fraudulent sites they control by emails that look like coming by somebody they trust, etc. Okay? Now, these spearfishing emails, and I'll read you the text in one here in just a minute here. But they, what they end up doing is dropping a malicious payload on to your computer. And as part of this campaign, these malware operators use the information they've collected from people, such as their names that company they work for job titles, phone numbers, to customize these phishing emails to make them a lot more convincing. Now think about your business and your business's website and other information that you're making available to the public. Digital website has, who the officers of the corporation are. Craig Peterson 17:04 Now I know that all of us for our businesses, we have to file with the state chapter file with the IRS and various other things. But when it comes to the state, those records tend to be public. So people can go online, they can find out who the President is, who the officers of the corporation are, who the Registered Agent is, etc., etc. Right? And so now a bad guy can go online and find out almost anything they want to find out about a smaller company because it's right there on the website. Now is that easy or what? Now let's go into one of these pieces of email. Everything from the email subject This is from bleeping computer dot com. Everything from the email subject and the message content to the malicious attachment. Each of these mouse spam email Males comes containing the potential victim's name. Now I'm looking at it here. It's got a form, and it seems like it's legit. It has the logo of what I assume is the US Equal Employment Opportunity Commission because it looks official enough to me, and the title at the top is the U.S. Equal Opportunity employment commission harassment complaint. Then the complete submission of a complainant form has initiated an intake interview with an EOC officer. Okay, this is what they're sending out right now. It looks very, very legitimate. And they use the name of the victim with a grievance raised against you. That's a subject for each of the phishing emails, and they're trying to get you to pay attention. They also have a customized email body to instill a sense of urgency. So it'll say, dear name of the victim, private and confidential. One of your co-workers has lodged a complaint with the EEOC. Now on top of it, all the malicious attachments, drop TrikBot payloads also have customized names. And again, it's the name of the victim-dash harassment complaint letter, and it's got a phone number on it. The entire purpose is to get you to open that attachment. And by adding this personal touch to the phishing emails, they've been increasing their chance of people opening them. Now, you know, I do a little bit of marketing for some of the courses that we offer and, and for some of the other services, you know, like the security services that we offer the businesses, so I've studied some of the marketing stuff that's out there. And I can tell you right now, most people, if you get an email that looks like that are not opening it. If you're concerned about a particular email and you have listened to my show for the last 20 plus years. You're very, very worried about it and legitimately so. Craig Peterson 20:10 So I'm not sure just how effective this is, you know, spam emails right now have an open rate of about, well, it's less than 1%. Legitimate emails have an open rate of, you know, as much as 15 to 20%. So I don't know how well they're doing. But when they're sending out 10's or hundreds of millions of emails, we're talking about some pretty darn serious stuff here. A lot of potential victims. These are highly targeted and regularly updated. That goes into some of the problems with antivirus software we will talk about later on. And that is if it hasn't seen that before, it's going to get tricked. This spear-phishing campaign delivers the malware payload. It's evolving. It's a banking Trojan. The purpose is to get you to give some banking information out. And apparently, it's been pretty successful. By the way, it's been in the wild since October 2016, one of the most aggressive pieces of malware that are out there right now. Stick around. When we come back, we'll be talking about McAfee's antivirus software and what's going on with that. Especially as it relates to some of the malware that's spreading out there in the world, right now. Make sure you are on my email list. So you keep up to date with everything that's going on. Craig Peterson comm slash subscribe. I'll let you know about the pop-up-trainings. I want you to pay close attention because I'm not going to hound you about this stuff. And we've had a lot of people attending them. They're free. Usually, they have two-hours worth of content and questions and answers. Stick around. We'll be right back. Craig Peterson 22:05 Hey, everybody, welcome back. Hey, did you see this? It was an announcement by one of the investment firms saying that Tesla might be missing the boat when it comes to electric cars? You know, we've all thought Tesla was the leader in the in that isn't so many ways right and built their battery factory. They've been just doing all kinds of amazing things, but it looks like they might be losing a little bit of an edge when it comes to the overall electric car business. Because now you've got Ford and GM, the major US manufacturers, I think Chrysler as well. I know Ford and GM both have some major stuff going on, as well as the Japanese firms like the Nissan LEAF. That's been all-electric for a long time, although Nissan stops making the thing some of these us manufacturers are definitely in the middle of it all. And you probably heard me a couple of weeks ago talking about some of the real risks when it comes to Tesla electric cars, particularly in the event of an accident. It's a scary thing. Frankly, it's a frightening thing being involved with the MS for all of those years to think about it. Well, we spoke a little bit in the last segment about this TrikBot malware using fake sexual harassment complaints as bait. We started off the hour talking about Patch Tuesday, and 13 critical fixes for Microsoft software, this critical fixes out for Adobe software, you got to apply these patches. According to the stats I've seen. There are, on average, about 65% of Windows computers that do not get updated at all. If this is you if you're one of those people, I urge you to spend a few minutes, let's make sure that the machines are updated. I know some people that say forget about it. I'm just going to replace my computer when it's just so far out of date. I know some people have done that with cars, too. I had a good friend I haven't talked to in years. But he was telling me that his dad did the math, back in the day, many many years ago. His dad did the math, and he figured that if he paid for oil changes throughout the life of an engine just wasn't worth it. So he said, Hey, listen. What did an engine cost back in the day it was a couple of grand for a boxed engine, and he was a mechanic he could quickly put in a new engine. And if I pay for oil, filters and my time to change the oil I will pass the break-even point at about 30,000 miles. So, in 30,000 miles, it was cheaper to replace the entire engine, than to pay for years of oil changes. Can you imagine that? So I did some quick mental math, and I agreed with him. He said, Listen, it's not as though I don't have oil in the engine. The engine will run off this known oil in it. But all I do is add oil when it needs oil added, and he never changed his oil. And at about 50 to 80,000 miles, you'd have to replace his engine. So he figured he was ahead of the game. Nowadays, with these new engines and filters and oils and the oil is just so thin. Nowadays. They're saying 10,000 miles give or take between oil changes, so it's not anywhere near as bad. Plus, some of the cars today will tell you, hey, I know Need an oil change? So you don't even have to keep track of the miles, you know, used to be 3000 miles. Do you remember you might not be old enough to remember, but the oil did not have the cleaners in it now, nowadays they have been detergents because your engines would get all sludgy? And what a mess ever take one of those apart, even just the head of the engine, the mess that was in there, we don't have those problems nowadays. Well, some people have taken that whole idea of, hey, it's cheaper to change the engine than it is to change my oil. They've taken that to the extreme. But you know, it is not like that when it comes to computers. You can't just have the laptop sitting on your desk or under your office and leave it there for years to come and say, Hey, listen, when it breaks down, I'll replace it. I'm not going to bother doing upgrades of my software won't work because it's running Windows XP, or whatever some old version of Windows, I'll go out to one of these, big-box retailers, and buy another computer and throw this one away. Craig Peterson 27:14 That is a very, very bad idea. Craig Peterson 27:16 And I suspect that's where some of the 65% of people come in, that are not maintaining their computers. Now you have to keep them because unlike your car, your computer is continuously under attack. So, that means you have to not just upgrading and updating windows but all of the software that's on your computer. You know, I talked a little bit earlier about Internet Explorer, and only Internet Explorer alone having it on your computer will cause other programs on your computer to get infected and allow hackers access. It's just plain old, not worth it. Well, let's talk about Anti-virus doctrine. Oh, you remember I said antivirus software? Yeah, I convinced myself that it's, it's about 10% effective at no more than that guaranteed. And we can go through all the numbers again, if you want to buy me a beer sometime we'll sit down and go through all the numbers, and how virus software does not work. Craig Peterson 28:19 Well, Let's talk about some software that doesn't work. McAfee antivirus software. In an article from ZD net, has a code execution vulnerability, a severe security flaw that can bypass the self-defense mechanisms built into McAfee antivirus, very, very big deal. Safe breach labs, their cybersecurity team. It is one of the groups that go around and test software, tries to find vulnerabilities, and then lets the manufacturer know so they can take care of it. But they're saying that this particular vulnerability can be used to bypass McAfee self-defense mechanisms and could lead to further attacks on a compromised system. Now, this vulnerability exists because of a failure by McAfee's programmers to validate whether or not these DLL's it's loading have been signed, let alone appropriately signed. Remember, I even mentioned that in the first segment today. These self-defense mechanisms are essential, and they need to be in place, even though the antivirus software is going to be at best 10% effective at least you would have 10% effectiveness right. So because they can bypass the self-defense mechanisms and leading to further attacks on a compromised system. It needs to get fixed right away. See an arbitrary unsigned DLL that gets loaded into multiple services that run is NT authority, backslash system. Craig Peterson 30:06 Now, the only good news is that attackers need to have administrative privileges to take advantage of it. However, I rarely walk into a business where everyone isn't running with, with, frankly, administrative privileges. The companies do that, and I understand why they do it. It's a bad thing to do should never do it. Right. But I know why they do it. They do it because, oh, it's just so much easier if I have to install software right or to call the IT person. And the IT person is the Assistant to the owner. And she's always busy. He's still running around doing stuff. I don't have the time, and I can't keep asking for permission to do things. So, everybody gets administrative authority. There are three main ways and which is why vulnerability gets exploited according to the Safebreach lab. Anti-virus software might not detect the binary, and it loads it without any verification against it. Impacted software includes McAfee total protection, anti-virus plus AVP from McAfee, and Internet Security up to and including the version 16.0 point 22. You must get the latest software. So, if you have McAfee update, pronto. And as I said, you should update, anyways. And don't use antivirus. I recommend getting a robust anti-malware stack of software. Craig Peterson 31:39 So what are people doing? Vendors doing? They're just renaming their stuff is anti-malware stacks. Yeah, yeah, that'll fix the problem. Your listening to Craig Peterson on WGAN stick around. We'll be right back. Craig Peterson 32:02 You know, it's funny how you get used to the weather, whether it's hot or cold. You're listening to Craig Peterson here on WGAN. And online at Craig Peterson dot com. You'll find my Facebook page by going to Craig peterson.com slash Facebook. And I've started posting some stuff up there. Well, I do that actually, every day. My wife is the one that's putting the articles up that I come up with every week, every day. But you are also starting to find I'm doing Facebook Lives and YouTube lives, and just you know, I'm getting a little better at some of this stuff. And there are a lot of possible angles here. By the way, you know, I mentioned I was at this conference, and I was learning a little bit more about marketing and product development out there. Product development is what I kind of love doing, Right. We can do it quickly. We know what we're doing. We know how to do it. So we're trying to figure out how can we produce a very inexpensive product that is going to help a lot of people when it comes to security. And I think we've got the answer. I don't want to be, you know, mean and nasty about this, but we're working on it. And we should have something in a couple of weeks from now, that I think is going to change lives. I think this is going to be earth-shattering. If we do this the right way, it is going to change everything for anybody that decides that this is for them. So we'll be talking about that in a couple of weeks from now. But it's an idea from another industry that in fact, it's the tennis, tennis training business, and I think it's like the world's most perfect idea. Here when it comes to us, so we'll be talking more about that. But you can find that you can find information on the articles that I have every week, you can see all of that stuff you can find out about the free pop up classes, the pop-up-trainings that I've been doing, you can find out about some of these Facebook Lives and YouTube Live. All of these are free training. I'm just trying to get this information into your hands. You know, the Whats, the Why, and the Hows, all of that stuff. And there's only one way to get it. And that is to sign up, go to Craig Peterson dot com slash subscribe, and I will make sure that we send you every week just a quick summary of the stuff that's going on. I'm going to have a special sign-ups for these pop-up-security-trainings, So no, I'm not going to send you a lot of emails unless you ask me to write by default. We got a great article from Joan over at darkreading.com. Dark reading dot com is one of those websites, one of many to which I pay quite a bit of attention. They do have some great, great content. In this article, they're talking about fraud and how it has changed. You, I'm sure, are familiar with our friend, the Nigerian prince, and all the things he did and how he tried to get his money out of the country. And all he needed was to use your US-based account, and you could keep some of that money. You remember that right then, it's just full of misspellings. It was just terrible, and there are reasons for the misspellings, there are reasons for the way they do things. No doubt about it. Well, things have changed. Now economics have changed. And they are swamped, making a whole lot of money. And they're doing it in different ways. They've done it before. You know, we've got tools now to detect and mitigate some of these attacks. And the easiest way to do that we have some software that all the email flows through, and it's looking for patterns look, make it look like it's a bot that sending out these emails. And when we put those this particular filter in place, in fact, it's and AI bought itself. That right the Battle of the AI that's coming to, but you know, the amount of spam these things dropped by 90 plus percent. It's just it's dramatic, how much it helps. Craig Peterson 36:58 Well, what has happened now is the bad guys have found that labor is getting cheaper and cheaper in some of these developing nations out there. And they're able to get people in Venezuela, for instance, where they are starving to death where they are picking through garbage because of their socialist government. And man, I saw this thing the other day, it just shocked me, they were using a sharpie to write on people's forearms a number, so they knew when they could get food. Yeah, when they could get food from the grocery store. That's how bad it is in Venezuela. So you have to wait in line. You have to obtain a number one thing. God is not a tattoo. It's a sharpie, but you have to get a number there on your forearm, and then you can get Food. And if you can't wait, and if you don't get enough food for your family, you're going to have to go through the garbage. It's just absolutely insane. Well, cybercriminals are hiring workers in Venezuela now, where the hourly wage has gone way down compared to other currencies. I am not sure if you remember, but Venezuela used to be the wealthiest nations in Central and South America by far and is now one of the poorest countries in the world thanks to their socialist government. Well, the hourly wage is so low that it now makes economic sense to pay people to manually carry out the fraud to write these fraudulent emails to research to get the stolen account data instead of using bots like they have been doing before. So, here's a quote straight from the article. "attackers are giving people a script and saying here's a quota you have to hit, criminals are always trying to figure out what is the lowest hanging fruit as merchants and companies evolve with defenses, these attackers evolved, humans just happened to have become the flavor of the month." So, these human-driven attacks are increasing quickly and exponentially. Now, the most recent fraud report that came out covering q3 2019. So. just this last month, found that attacks carried out directly by humans, both loan perpetrators who are trying to get money to support their families in third world countries, and organized criminal groups increased 33% over the previous quarter, nearly one in every five fraud attacks are manual now rather than automated. Craig Peterson 39:57 Now, of course, their goal is to look as legitimate as possible. Having humans involved does increase your chance of success. And so many people worldwide speak English because English is the international language of business. And it's causing a problem. This quarterly report that came out from our coasts looked at 1.3 billion transactions spanning account registrations, logins, and payments in the financial services, e-commerce, travel, social media, gaming, and entertainment industry's overall fraud increased 30%. In q3, and bought driven account registration fraud is up 70% as cybercriminals test stolen credentials, in advanced of what in advance of the US holiday season. Isn't that amazing? But now every third attack on financial services is manual. Attacks are coming from fraudsters now with access to stolen identity information. They're using the latest tools. Over half of the attacks that originate from Russia and China are now human-driven. It is changing everything. The data highlights that the entire attack incentive for countries across the globe is economically based. We've got some substantial economic things happening here in the US. If a nation's currency is worth only a fraction of the US dollar, then the incentive of a criminal in that country to defraud an American business is very high, because they've got that multiplier based on the value of their currency compared to the value of the US dollar. So, it's incredible what's going on. You've got to watch it. You got to be careful that There are a lot of bad guys out there that are looking to get their hands into your accounts. And we've got this shopping season right in front of us now. So what I would suggest to everybody is, check with your bank, depending on your bank, some of the banks and doesn't matter if it's visa or if it's MasterCard visa sent tends to be pushing this a lot more than MasterCard is. But whether it's Visa or MasterCard, you're going to find that they have virtual card numbers that you can use. And the idea behind these virtual card numbers is that you have a one-time card number that you can use when you are buying something online. So, instead of having your regular credit card number that you're using, that's sitting there in a merchant database, that may or may not be configured appropriately or secured. Remember, a secure server doesn't mean that their servers secure; it just means that your data going to it is protected in transit. Instead of giving them your real credit card number, and having that stored in a potentially insecure database, now all you have to do is give them that temporary credit card number. Go to your bank, and you can usually check on the website before you start buying stuff online for Black Friday. And we're going to have some Black Friday deals to or Cyber Monday, or you know, whatever it is for Christmas, for Hanukkah, for whatever you're celebrating. We have birthdays to over this holiday season. Get your bank to give you access, and this will be online access to get a different virtual credit card number every time you do a transaction online. It's cheaper for them to do that than It is for them to issue new credit cards when compromised or stolen. It keeps happening. All right, stick around. We will be back. We got one hour to go. We're going to talk about Google's project Nightingale and see if that's scary enough for you. We are concerned here about some of the defense firms, multi-factor authentication. I will run through how you can tell right what's the best way to do it. And how to detect a phishing site. We'll get to all of that. In the next hour. You're listening to Craig Peterson on WGAN and online, Craig peterson.com. Stick around. We'll be right back. Craig Peterson 44:52 Hello, everybody, Craig Peters on here on WGAN and online at Craig peterson.com. Hopefully, you join me there and sign up for my email list. I get you in my newsletter. You can do that by just going to Craig peterson.com slash subscribe and subscribing to my newsletter. Every Saturday, we are here and talking about some of the latest in technology and security. The things that frankly you don't hear about, at least not the right answers in the general media out there. It's just amazing to me how many things they get wrong, again and again, and again. I try never to attribute to malice what can be easily attributed to incompetence. Is that a terrible thing to say about some new people in the media? You know, if you get right down to it, they have so many things that they have to know about and be semi experts on to write some of the articles, so I guess I really can't blame them for well for least Some of that. Well, let's talk about the chaos here for a couple of minutes. We are in the new normal. Now I'm not talking about with President Obama said the new normal was, which is people high, you know, unemployed, high levels of unemployment and stagnant economy and stuff. I'm talking about a recent survey that was conducted by a security company out there that showed that 86% of 250 top security officials who participated in this survey believe that cybersecurity breaches are inevitable. Now that opens up a whole can of worms because it's unavoidable, does that mean there's nothing you can do about it? I think by definition, it does. It is inevitably going to happen no matter what you do. So why do anything? Many people have done nothing. Remember, in the last segment, and if you've been listening in the previous hour, I talked a little bit about how 65% or so of computers never were upgraded. That's, that's a bad thing, right? And nowadays, when we get right down to it, and we're talking about these 250 professionals, people that know what's going on. We're talking about people who realize that the complexity of today's cybersecurity in businesses makes it so that it's almost inevitable. Now, when we think about cybersecurity, and we're thinking about companies. Obviously there is some truth to this for home users and, and that's why we did this security summer you know, I had that hundred and 50 pages of cheat sheets that we gave away to everybody. Who participated in this. And it was designed to help you understand what you had to do in different circumstances. And hopefully, you got all of those I start, you know, they were all sent out well, by the end of September, because, you know, summer doesn't end until September 21. So I little extra time as my team and I delved into that labor of love out there. But there are a lot of pieces moving parts to this puzzle, and it makes it very, very difficult. Nowadays, we're making our lives even worse because of cloud adoption. We're using cloud services. We're using hybrid environments spread across physical machines, different locations, different teams, various cloud providers, and now businesses are using something called containers. I remember when I first heard about them, I was thinking about, well oil container on Okay, so we're talking about the types of things you put on a truck and then put on a ship right or, or you can rent while you are making the improvements like I did in my kitchen. Craig Peterson 49:11 I got one of these little containers, one of these small pod containers, and loaded it up with all of our stuff while we were working on it. Yeah, that's not what the containers at the businesses are using. These dedicated containers perform a specific purpose, like running a website, or a database or something else. It's just getting very, very difficult to keep track of it all. And frankly, that's why we're seeing some of the major breakdowns. Now we do not see in these in breakdowns like Equifax. What was that? It was, Oh, yeah, a username of admin with a password of admin rights. Stuff like that is just plain old, stupid, but because of everything so complicated and were not tested thoroughly, they broke in. Now, if you are in a business-like, for instance, a shipbuilder, you are thinking about failures. Because if you're out in that open ocean and you get a rogue wave that comes in, hit you on the side, your ship is going to flip over. Now obviously, you don't want to name your ship, Concordia. Another one just ran aground this week over Norway. Of course, the big Concordia running the ground was in Italy, and what a mess. But shipbuilders realize that ultimately, ships are going to fail. There is going to be that rogue wave, or it is going to run aground or the propulsion systems going to go down. And the extremes are like submarines where you have all the compartments, and the idea is that a breach might occur in one compartment, but the other compartments will not. So we're spending billions of dollars, and we're likely preventing a lot of bad stuff. The number of high profile breaches is just increasing and causing devastating damage to us as consumers. It's going to last for decades. And why? Well, like so many other industries, people in the security business are not preparing to fail. And companies are not preparing to fail. It's like what I teach in my backup course, the three to one backup methodology, and I should do another pop-up-training on that. Frankly, you've got to have multiple copies of backups numerous generations of backups on various types of media, in numerous sites, because of Smith's commentary. Now, you might not be familiar with Smith's commentary, but Smith's commentary on Murphy's Law is that Murphy was an optimist. And of course, Murphy's Law is, if anything can go wrong, it will. So shipbuilders have engineered the systems, they have segments in the halls, they have multiple hulls, double triple hulled ships so that if it's carrying oil or something else, if there is a penetration to the hull, the ship won't dump oil or whatever, into the ocean. It's been done this way since the 15th century. And it's been done in today's modern vessels as well. Even the Titanic had some of these things in place, although it had some other problems. I don't know if you've seen some of the more recent studies, by the way, on the Titanic. It's fascinating. But it looks like what happened was, there was a fire in the Titanic's hold coal fire that they couldn't put out. And they had been smoldering and caused a weakening of the ship's hull. And that's why when it hit that iceberg it tore open. But that's another story here. So let's talk about some principles here security principles that they use in shipbuilding that we need to look at in modern IT. Shipbuilders assume that at some point, the ship will suffer leak. So how do you protect against that? How can you fix that? Well, they create holes that prevent a single leakage from sinking the whole ship. So, in the same way, you have to assume there might be a breach in your corporate environment and segment your network so that it doesn't spread. There's a lot of details we could discuss, and maybe I should do some Facebook lives on these things. Craig Peterson 53:52 Your staff who's responsible for maintaining the ship's hull is monitoring for leaks. They're watching for leaks, and they're regularly patching. They're painting they're scraping right to get rid of the rust and to make sure that there isn't a major flaw in the ship's surface, or you know, hull, they're trying to keep the ship safe. So, in the same way, our modern security teams have to be vigilant about monitoring and patching. To prevent these cracks in the perimeter, as well as the interior. We just last week had a client who had an internal breach. They were using a VPN to allow our remote office to get into their primary network. That remote office was breached and was used as a launching pad to get onto their primary network. And then once on one machine on the main network that they could breach, they now we're able to spread within the main network. We got to watch this. The ship's most sensitive equipment is in the engine room. And in the tape game you know in the case of a business you got to venture critical IT assets are considered ships that staff lookouts 24 seven to make sure there is a good watch, we need to do something similar with our data. Keeping the crew from accessing the bridge is an important safety measure. We got to make sure that our user identities get set up correctly and their employees, contractors, remote users can only get data they should be getting to. And we could go into attack after attack after attack. But the bottom line is when you're designing your security, you have to anticipate a breach. You've got to patch everything, keep it patched and up to date. And you've got to segment your networks. And if you need to be secure, the newest types of networking are called zero trust networks where nothing can talk to anything else on the network. Unless it's explicitly allowed because we can't trust it. So the very least segment out your Internet of Things devices, make sure your sales guys are on a different network than your accounting people. Right? Break it all down in the business space. When we get back, we're going to talk about us in the consumer world and Google's Project Nightingale, man, is this a scary project, but you know, heck, it's Google, but not can do anything wrong right here listening to Craig Peterson right here on WGAN. Craig Peterson 56:43 Hello, everybody. Welcome back. Craig Peterson here after the top of the hour. And we are talking about the latest in security and technology. What's going on out there? We cover in some depth here some of the things that you need to understand. Some of these things are specific questions that I've gotten from you. So if you have a question of any sort you'd like me to answer on the air or maybe answer directly, email me. It is ME at Craig peterson.com. I am glad to do it, or you can drop it on my Facebook page. Now I have to say that I get thousands of emails a day. So sometimes it can take me a while to get around to it. So don't feel bad if I don't answer your question right away. But I am pretty good about answering most of the questions that people ask and particularly if you email them me at Craig Peterson, dot com that's so that's what I monitor kind of the most. Some of my team helps you track that too, which is a very, very good thing. Mountain View, California dateline. It is a scary story. And you know, we just had Halloween, but here's what's going on. You might not be aware of it. HIPAA is a law put in place, oh, decades ago now, I think maybe even as much 20 years ago. The most significant part of HIPAA is this whole concept of portability. Now, you may not realize it, the bill was certainly not advertised as being this way, but it is this way. Here's the problem. Before HIPAA went into place, what was going on if you had your medical records, and those medical records had to be kept private, they could not share them with anything and what HIPAA did was. It defined the rules for sharing, among other things. Before HIPAA, your medical records were considered private and kept secret. After HIPAA went into place, your medical records could now be shared anywhere almost in the medical community. And of course, with portability, the idea is, well, you've got your medical records, you want to go to Florida for the winter. So you want the doctors in Florida to be able to have access to your medical records, which is all well and good. It makes a lot of sense. However, other things going on in there still are. If I want the medical records of every patient in hospital x or health plan, why? And I say, Hey, listen, I'm going to buy the company. I'm thinking about buying the company. I'm thinking about purchasing that hospital. The hospital has the right to give me all of your records. That's the bottom line. Scary. And that's been happening. Our medical records have been shared and traded like trading cards. So, one of the largest health systems here in the United States is called Ascension Health. And you might have heard of it before, mainly if you are at all involved in the Catholic nonprofit health system. The Catholic Church has taken care of millions of patients for free, much of the time, you know, no charge to the patient. But the Catholic Church has been behind many of these medical hospitals and medical treatment that has been out there that we have used for generations, frankly, and you know, good on them. It has been wonderful. And they've kept costs under control reasonably right. By right by where I live. There's a Catholic medical center that is renowned in the region for its cardio care. And like many other hospitals that are out there, they will also provide charitable care for those people who can't afford it. So Ascension partnered is with Google Now ascension is, again, the largest health system here in the country. And it partnered with Google. And Google now has access to detailed medical records on 10s of millions of Americans according to a report by the Wall Street Journal, and It is code-named Project Nightingale, I'm sure you can figure out why they call it at night and Gail. And it has enabled at least 150 Google employees to see patient health information that includes diagnosis laboratory test results, hospital records, and other data. Now, remember before HIPAA, man, you could have sued and won if your medical data got shared without your knowledge, let alone your permission. Now, some of the negative results of those HIPAA regulations are coming to light, where the largest health system in the United States, Ascension, shared your medical data with Google. That is a very, very big, big deal. Now, this is reported by the Wall Street Journal, and it's according to internal documents and the newspapers other sources in all the data amounts to complete medical records and contains patient names and birthdates according to The Wall Street Journal. Now, this is a move by Google to try and get a strong grip on the medical business, the sprawling healthcare industry. In November, Google announced a deal to buy Fitbit that has gone through. I'm sure you've seen that. So now, it has access to all the sensitive health data that amassed from Fitbit. How much information have you been giving them? They've got all kinds of health records. They've got what have you put into those things? And we have Google, Microsoft, Apple, and many others competing to get access to all of our medical records and to be the storehouse so that when you go to Florida today, your records are there because you shared them on purpose. Neither Google nor Ascension, according to The Wall Street Journal journal, neither Google nor the country's largest health system Ascension has notified patients or doctors about the data sharing 2600 hospitals, doctors' offices, and other facilities across 21 states and the District of Columbia. So Google's ultimate goal is to develop the searchable cloud-based tool, but here's what I found particularly interesting, and that is about transforming care. In a statement from Ascension, the VP of strategy and innovations, Eduardo Conrato said, "as a healthcare environments continue to evolve rapidly, we must transform to meet better the needs and expectations of those we serve, as well as our caregivers and providers." So what are they doing? Here? Well, it turns out that apparently, they're having the hospitals enter in your data to these healthcare records, uploading them, analyzing them, and helping the doctors come up with diagnosis as well as prognosis frankly. They're hoping to improve outcomes, reduce costs, and save lives ultimately, and you know what they probably will. But the issue at hand here goes back to the HIPAA act of 1996. And should we be able to control our medical records? That's the big question. It looks like the answer to that is no and has been for 30 years. Thirty ish years not quite 25. All right. When we get back, we're going to talk about Rola robots of the killer variety. What is going on with some of these government contractors out there? Man is a scary show, isn't it today well after compensate next week, you're listening to Craig Peterson here on WGAN and Tune on Wednesday mornings at 738 with Ken and Matt, and I'll be online there too. Craig Peterson 1:06:38 Hey, Craig Peterson here. WGAN. Online Craig Peterson dot com. We are nearing the end of the show here. We only got two more segments together. But that's enough time to cover a couple of these articles I want to get to today. Let's start with this one first here, which is the Robots. You know, I have long been concerned about robots as have many other people. Some people much smarter than I have been very concerned about them. Take a look at what ElonMusk has been saying. That's part of the reason he wants to move us to Mars is artificial intelligence and robotics. Think back wow, even to the like the early 1990s with iRobot. And, and that Russian author, I can't remember what his name was, but it's been a concern for a very long time. Now, things changing rapidly. In an article from QZ.com, a new report is out from Pax, a nonprofit based in the Netherlands that's campaigning for peace around the world. And of course, Pax is the word for peace in many languages, and they're warning about this new potential trend that's coming out. I don't know if you've seen some of these moves. Movies where there are swarms of drones. And those drones swarm in on something. There was a recent one, and I think it was Angel has fallen with Gerald Butler. And the President is tagged by the attack by this swarm of drones. We had the same thing happened. I think it was only one or two drones in South America trying to take out a president down there. Well, our militaries are looking at some of this newer technology to conduct war. And you know, frankly, they have to because the bad guys, the other guys, whoever our ultimate future opponents are, are looking at this as well. China has spent a lot of time on it. And if you look at something like these drones, you could easily have killer drones out there. These drones have to have an ounce of high explosives in them, get close to a combatant, and explode themselves in Kill the combatant. That's all it takes. We're worried about what's being called this third revolution in warfare. The first revolution was gunpowder. You know, you could argue right bows and arrows and various things, but the gun powder was a considerable revolution in warfare. And then you had the atomic bomb, which was not too long afterward. The Chinese invented gunpowder. But now activists and military leaders are calling for international regulations kind of like what we have with the Geneva Convention where we defined how wars get fought. They want to govern all-new weapons systems that have a type of artificial intelligence in them, a type of machine learning. They don't want life or death decisions to be made on their own by these intelligent systems. And they're looking to ban them outright. Key governments, including the US and Russia, have resisted it so far, and I understand right. Craig Peterson 1:10:18 But what are you going to do? nears we can tell militaries have not yet deployed killer robots on the battlefield? At least offensively? What are you going to do with a robot that makes life or death decisions and gets it wrong or gets it right heaven forbid, either way, where you've got a robot out there that it doesn't have to think twice about pulling the trigger to kill someone because it doesn't think twice about it. It's almost like having some of our troops sitting in Virginia, flying a killer drone in the air that's over a site 5000 miles away. And just pulling the trigger and off that missile goes. That is not a life or death decision made by that missile. That is a life or death decision made by a human that has to pull that trigger. That's frankly a very, very big deal. The big difference between the two. Now this organization called PAX has identified at least 30 Global arms manufacturers that don't have policies against developing these types of automatic life or death, killer weapon systems. And apparently, they're doing it at a rate that's outpacing regulation. Now, this is normal when it comes to technology. I've talked about this so many times. Technology always leads any regulation, and it's still in front of the laws. It's still outpacing the regulatory ability of governments, but we're talking about companies that include Lockheed Martin, Boeing, Raytheon. We've got some Chinese state-owned conglomerates like a Vic cask, Israeli firms IAIL bit Raphael, Roz tech of Russia, Turkey's STM. It is a very, very big deal. So what are we going to do about it? It's, it is a very, very good question and courts are trying to address it. You will see this article if you're interested in it up on my website as well at Craig Peterson, dot com. Still, activists don't believe that the military use or some degree of artificial intelligence is problematic in itself. The problem or the systems that are designed with AI to select and engage targets, right? The terminology that's used is acquired, identify, and engage targets. And they're able to do it at least three times faster than any human. Today, we use those types of systems, but a human still has to authorize it. So I'm I'm concerned about this packs is more concerned about the potential deployment of artificial intelligence and offensive systems, the systems that are used to go after people that will select and attack targets on their own without human oversight. I think that all makes sense. And the question is, are we going to get regulations are we going to have a Geneva convention that covers this type of technology out there? Who's accountable if an autonomous atomic weapon broke existing international law or some of these future laws or regulations, and we're talking about lives on the lines? We're not talking about weapons destroying weapons. So I'm very, very concerned, defense firms. According to courts, they're not building these weapons in a vacuum. The PAX guys are saying companies believe that's what militaries want in the Arsenal's and I'm not sure the wrong about that. Google and Amazon have both face public criticism about what they have been doing for the military. Although I have to say both of them have been to face about it, notably Google who is developing artificial intelligence at three facilities in China with the involvement of the Chinese government. And they're not doing it here in the US and yet at the same time, they won't do minor things that are designed to help protect us in that it states you know, Google I just don't get it. Understand this stuff. But there's a whole list here of weapons that are existing now. These little loitering munitions, kind of like land mines that sit in the area they wait, like maybe loiter in the area for hours before they attack a target, small or cheap that can be easy to produce. Craig Peterson 1:15:17 And there there's just a whole lot of them. They've got STM This is a Turkish state-owned defense company that produces an AI-equipped loading munitions got facial recognition, kind of like again Angel has fallen can automatically select an attack targets using coordinates pre-selected by an operator they're looking to use Turkey is Kamikaze drones and Syria. There's harpy a fire and forget luxury munition manufactured by Israeli aerospace industry ranges 62 miles tail off for two hours. What's next, right, what are we going to do? All right, stick around. We're going to talk about the mess of multifactor authentication. How did he tech, a phishing site when we get back? You're listening to Craig Peterson, right here on WGAN. And of course online, Craig peterson.com. Stick around. We'll be right back. Craig Peterson 1:16:25 Hey, welcome back, everybody. Craig Peterson here, Happy Saturday weekend. Whenever you're listening to this, of course, we podcast this show as well. And with more than 20 million podcasts, there's bound to be an episode that you're interested in as well. You can listen to that by just going to your favorite podcast streaming site that you'd like to, and you can sign up under iTunes or Spotify. I'm on TuneIn. I'm kind of all over the place, and we've had a lot of good Great people downloading it, which makes me happy as well. You will find all of that. The easiest way is to go to Craig Peterson com slash iTunes, I should put a special page up that just gives all the podcast info, but for now, slash iTunes. And I'd really appreciate it if you would subscribe because that's what really helps drive up our numbers. And that's what helps get people to notice. And in fact, if we had a whole bunch of people sign-up at once or you know, over a week, then the algorithms would notice that, and they would get promoted a little bit more. So I would love it if you do that. But you know, that's up to you. Again, Craig peterson.com slash iTunes. Hopefully, I've earned a five-star rating from you. Or you can just with the TuneIn app, which by the way, you can listen to WGAN on the TuneIn app as well. And you can listen to me on Wednesday mornings at 738. with Matt and can on the TuneIn app so even if you're on the road anywhere in the world, you can listen to this station you can listen to me, and my podcast is also here on tune in. All right, an app, and a website. We got some how's here, you know, I talk a lot about the what and the why. And I give you some how's as we go through the show and a lot of the How is really left for trainings when I do courses and trainings. But we got two articles that I really want you guys to understand a little bit better. And one is from sigh where ones from dark reading. And we're going to start with this first one which is which is the myths of multi-factor authentication. Now without multifactor authentication also called two-factor authentication. In one employee, employees leave, they can quickly get back on if you don't change their passwords, but if you take their token, their physical token back, then life's a little safer. If people lose passwords, if you are a home user, and your password is stolen or compromised, someone can log into the websites. So let's talk about what this is. The best type of basic security is something you have, along with something that you know. So something that, you know, that would be an example of, for instance, your username and your password. So you put them together. And that's something that you know, your username and your password. And then something that you have might be, for instance, a token a digital token. I don't know if you've seen these. We use the type with a lot of our customers that aren't very, you know, technically advanced, that have had like a little six-digit number that keeps churning Gene on the token. So when they go to log in, so for instance, they will use this for a defense contractor or a doctor's office where they have to keep information safe. And when they log in, they're going to put it in their username, and they're going to put in their password. And then they're going to look at their token. And they're going to type in that number that changes every 60 seconds or so. Now you can do this type of two-factor authentication in several different ways. You can do it with your cell phone, a lot of people do it that way, where you get a text message from the website, giving you a code that you can type in. Craig Peterson 1:20:46 Now that's cutesy, Don't you love that I get my code on my phone. That is eminently hackable. One of the articles that I found this week, but I'm not going to share with you guys because it's you I don't have enough time. But it's, it's all about this guy that just lost $20 million in Bitcoin because he was using two-factor authentication, but he was using his phone, and then somebody sim-jacked them. And that's where a cybercr

Dave shares his opinion on whether Adobe Bridge get a bad rap (spoiler alert: he thinks it does and explains why). Hear about some of the similarities and differences between Lightroom and Bridge and how you can decide which is the best tool for you. --- Send in a voice message: https://anchor.fm/dave-cross-talking-shop/message

Pond5 fa ha precisato che i produttori possono caricare solo una parte dei loro contenuti in esclusiva, mettendo però dei paletti abbastanza stretti nel caso qualcuno opti per quell'opzione.In questo settantunesimo episodio del podcast, Daniele Carrer parla anche di:- uno strumento che si chiama Blackbox con cui si può appaltare ad altri il keywording,- la strategia che seguo sulle agenzie dove carico contenuti,- quali preset della fotocamera conviene utilizzare,- come comportarsi con l'audio nello stock footage,- come usare Adobe Bridge per inserire i metadati nei video,- quanto si può guadagnare nel primo anno di produzione,- le difficoltà che ci sono quando si inizia a produrre.Trovi il testo del podcast e i link citati in questa pagina:https://stockfootage.it/pond5-esclusiva-parziale/

Pond5 fa ha precisato che i produttori possono caricare solo una parte dei loro contenuti in esclusiva, mettendo però dei paletti abbastanza stretti nel caso qualcuno opti per quell'opzione.In questo settantunesimo episodio del podcast, Daniele Carrer parla anche di:- uno strumento che si chiama Blackbox con cui si può appaltare ad altri il keywording,- la strategia che seguo sulle agenzie dove carico contenuti,- quali preset della fotocamera conviene utilizzare,- come comportarsi con l'audio nello stock footage,- come usare Adobe Bridge per inserire i metadati nei video,- quanto si può guadagnare nel primo anno di produzione,- le difficoltà che ci sono quando si inizia a produrre.Trovi il testo del podcast e i link citati in questa pagina:https://stockfootage.it/pond5-esclusiva-parziale/

In this very special Christmas episode, Booray and Gary discuss Christmas traditions, preparing for the new year, and tackle some listener questions like, "do you use the Holidays as an excuse to take pictures of your family members?" Also, Lightroom users cope with their outrage over an article on Adobe Bridge and a photographer bumps into his images being used on products at Walmart.

Anthony Ray and Lauren Victoria discuss Trump HBCU Executive Order, the HBCU Fly-In and much more.... auren Victoria Burke is a media owner, publisher and strategic communicator. Ms. Burke is the owner of Win Digital Media LLC, WDCPIX.COM and Burkewire News. She is a regular guest on News One Now with Roland Martin and MSNBC where she has been seen on Hardball with Chris Matthews and UP with Steve Kornacki. She has also delivered analysis on current events on The Tom Joyner Morning Show. Ms. Burke is a regular guest on WVON in Chicago, WURD in Philadelphia, WHUR in Washington and SIRIUS XM. Her written work has appeared in NBCNews.com, USAToday.com, TheRoot.com, Poitic365.com and newspapers across the United States via the National Newspaper Publisher's Association newswire. Ms. Burke maintains a strong working knowledge of WordPress, InDesign, Microsoft Word, Adobe PhotoShop, Dreamweaver, BookSmart, Adobe Bridge and Photo Mechanic. Ms. Burke was born and raised in New York.

RAW PODCAST 11! Who would have thought this would ever last? In this episode we talk about what we’ve been up to. We both visited the ProFoto Expo. It was… meh, okay. Good if you’re into things like Printers and Album design companies. Not so much if you want to look at latest camera tech. ProFoto Website Dave talked a bit about Adobe Bridge vs Photo Mechanic. He loves them both and they both have their own strengths. Dave also talked about his new Nest thermostat. The Jonny Ive debate will last for a while… :) The mad crazy Death Star lamp from Ikea https://www.youtube.com/watch?v=KI2os7VD_cc Other quick mentions.. Nikon’s rumours on the D760 and D850 How we both want the new Fujifilm X100F SmartSlides Well… that was disappointing. The main point of discussion though was surrounding social media and taking a break from it. The reason for the break pretty much all stems from Dave watching this Ted Talk by Cal Newport - Quit Social Media Thanks again for listening folks and please subscribe. Dave & Paul To find out more from us then you can check out the following. So then, where to find more from Paul. Web - mhphoto.ie Facebook - www.facebook.com/Moathillphoto Instagram - Moathillphoto Tumblr - moathill.tumblr.com Snapchat - Paul - Moat hill (pmon-aul) And where to find more from Dave. Web - www.davidmcclelland-photography.com Facebook - www.facebook.com/davidmcclellandphotography Tumblr - davidmcclellandphotography.tumblr.com Instagram - davemcclelland

in this podcast I talk about going over pictures with the client in Adobe Bridge. Also talk about getting your name out there as photographers as videographer or any small business. The last segment show I talk about being a memory catcher versus photographer

Show Notes & Links Prepare to Share Places to Learn Business Skills Online The Previous Episode with Sally Hogshead The full catalogue of The Busy Creator Podcast episodes The Busy Creator Podcast 80 — The April Fool's Episode Starship Design, Prescott's design business Dual monitors Apple Cinema Display and old Dell monitor 4:3 ratio vs. 16:9 ratio displays (Macs use 16:10, actually) Hi-dpi screens Wacom Intuos 3 wide format tablet  Logitech K750 Wireless USB Keyboard  The Busy Creator Podcast 6 w/Bill Wadman Hackintosh Prescott prefers Safari, also runs Chrome "The Chrome" Safari extensions (Ad-block, Pinterest, etc.) Prescott [still] uses an iPod Classic Prescott doesn't use Music RIP CastRoller ChimpFeedr, from MailChimp Twitter for Mac Alfred tweets from the system Mac OS X built-in social sharing Faffing, a definition Slack (both for work and for personal) Email is very personal Prescott uses Postbox (but still doesn't like the interface of v4) Mozilla Thunderbird Nylas N1 Airmail (too smart for Prescott) Prescott doesn't use Apple Mail Adobe Creative Cloud Prescott uses Adobe Bridge, not mini-Bridge (which is now discontinued) Adobe TypeKit Extensis Suitcase Fusion CS3 "still works" Adobe XD, up and coming Sketch Adobe Audition Adobe Lightroom Prescott doesn't use Apple Photos, and before that, iPhoto Coda Transmit, also from Panic Software SourceTree, from Atlassian BitBucket GitHub Byword RIP Bean Microsoft Office (Word, Powerpoint, Excel) Apple iWork (Pages, Keynote, Numbers) InDesign Harvest WaveApps Chase Amazon Visa card Cushion Expensify Quickbooks Prescott has also used Billings, Freshbooks, FreeAgent, Harpoon The Busy Creator Podcast 31 w/Bryan Orr, Project Management & Collaboration Tools Freedcamp The Busy Creator Podcast 63 w/Angel Grablev, CEO of Freedcamp Asana Basecamp Trello Kanban board (swim lanes, phases)Phases/swim lanes in Freedcamp's Kanban view[/caption] Freedcamp iOS app Teamwork.com (Projects) 17Hats Workamajig VLC MPlayerX RIP Movist 0.6.8 QuickTime Player 7 Pro TinkerTool Onyx Yosemite Disk Utility ClipMenu Dropmark & Cloud.app Blog Post about Quick-Sharing and Quick-Saving 1Password Quitter PushBullet The Busy Creator Podcast 39 w/Steve Dotto Steve Dotto reviews PushBullet RescueTime Reddit.com Default Folder X XtraFinder TextExpander Article on using TextExpander with Markdown Growl Carbonite Amazon Cloud Storage Alfred LittleSnitch SaveSave

In this episode of Adobe Creative Cloud TV, Terry White takes on the task of explaining and showing the differences between Adobe Bridge and Lightroom. Once and for all see which one is BEST for the things that YOU do! Also see tips and tricks in both applications.

In this episode we'll tackle one of things that confuses most new Lightroom users and those switching from Adobe Bridge to Lightroom. The question of "where are my photos and what has Lightroom done with them?"

Trying to remember where all your files are by filename alone is a losing battle with hard drives that hold hundreds of thousands of files. Metadata can help narrow your searches by allowing you to embed unique information about each file. Adobe Bridge will allow you to apply Metadata templates to thousands of files automatically so you can get started organizing your files today.

Adobe Bridge includes a powerful feature that allows you to output PDF's using the built-in Output module. This often overlooked feature makes create contact sheets, full-page outputs, and other layouts a breeze using ready made templates or even customized design. You'll also see how to overlay transparent watermarks for image protection and branding.

It's the first program of 2011! If you have a new digital camera and some new software to go with it, I hope you're not ignoring Adobe Bridge and Camera Raw. I took a recorder to the 2007 Library of the Year and came back with an interesting interview. In Short Circuits, there's yet another attempt to steal your identity and Adobe ended an outstanding (fiscal) year.

Muchas reseñas más de recomendaciones y herramientas, comentamos renombradores de archivos, Lupas y Adobe Bridge, Blu un interesante Grafitero Italiano, Nuestro Twittero del podcast, Star Dock Document, Icon Archive, ¿Que es Sector 5? Super Interesante proyecto.

Adobe's Sr. Creative Director, Russell Brown is back to show us his favorite features in Adobe Bridge CS4. Wow! There's a lot there.

En este capítulo muestro a grandes rasgos algunas características de Adobe Bridge y Adobe photoshop CS4. Descarga el capítulo 142

En este capítulo muestro cómo trabajo con Adobe Bridge y Adobe Camera Raw para seleccionar y ajustar encuadres, color y efectos a las fotografías de una sesión. Descarga el Capítulo 132

In this episode special guest Colin Smith from Photoshopcafe.com shows us how to keep the changes we make in Adobe Photoshop Lightroom in sync with Adobe Bridge CS3 and Adobe Photoshop CS3.

Adobe Bridge in CS2 had a slideshow feature that did a basic slideshow. The slideshow in Bridge CS3 has come a long ways and adds a few very nice features for showing slideshows to your clients as well as giving you more options over controlling the look and feel of your show. In this episode we'll explore those options.

If your camera can shoot in Camera RAW you should take advantage of Camera RAW inside the Adobe Bridge. The Bridge offers Camera RAW processing in batch so that you don't have to make your adjustments one-by-one. In this episode we'll take an introductory look at how Camera RAW works.

The Adobe Bridge allows you to easily move images between the various CS2 apps. However, it also allows you to manage several aspects of the documents you're viewing. So it's probably a good idea to get a handle on how to be most efficient managing the various views in the Bridge and also to take advantage of Workspaces.

Leo Laporte and guest Mikkel Aaland show you how to use Adobe Bridge to get fine control when converting images from color to black and white. Host: Leo Laporte Guest: Mikkel Aaland

Leo Laporte and guest Mikkel Aaland show you how to use Adobe Bridge to get fine control when converting images from color to black and white. Host: Leo Laporte Guest: Mikkel Aaland

I've already shown you in previous episodes how to take advantage of Keywords and other metadata to quickly find your images. In this episode we'll take a look at how to create your search criteria once and use it over and over again with dynamic Collections. The Bridge is about to get a whole lot smarter in helping you find exactly what you're looking for.

Version Cue is tightly integrated into the Adobe Bridge and the CS2 Applications. In this episode you will see how to set up a Version Cue project and how to save multiple versions of a Photoshop document into your project. Then you'll see how to revert back to a previous version. Version Cue is file management for the person who doesn't have a file management system.

Not only can the Adobe Bridge be used to browse and add metadata to your photos, but it can also be used to connect, or shall I say “bridge‿ your photos to the online Photoshop Services. With the Photoshop Services you can order prints, order books, cards and calendars as well as simply share your galleries online with your friends and colleagues. You can even sell your photos through the Adobe Photoshop Services partners. In this episode we’ll explore these services.

The Adobe Bridge is still my preferred way to look at images in a folder. Although I like the New Adobe Lightroom a lot, I still like the fact that the Bridge can view a folder of images or other documents without having to import anything. In this episode we’ll explore some of my favorite Bridge Tips. Also be sure to check out my “Secrets of Adobe Bridge‿ book.