Software package which automatically renders advertisements in order to generate revenue for its author
POPULARITY
Timestamps:4:00 - What's a data breach?10:21 - What's a phishing campaign?13:50 - How expensive is it to fix a data breach? 20:35 - How are startups being targeted?22:07 - Why strong passwords are not enoughThis episode was co-produced by NordPass. Use code “swisspreneur” at checkout to get 30% off Business and Teams plans.This episode was sponsored by Relai. Get started with Bitcoin by downloading the Relai app today, and profit from 10% less fees by entering code SWISSPRENEUR at checkout.(Disclaimer: Relai services are exclusively recommended for Swiss and Italian residents.)About Ieva Soblickaite:Ieva Soblickaite is the CPO of NordPass, a password management solution that is part of Nord Security, the world's leading cybersecurity company. She holds a Masters from HEC Paris and co-founded Medigo GmbH before joining NordPass in 2021.During her chat with Merle, Ieva broke down the topic of cybersecurity into easily digestible, actionable chunks:What's a data breach?A data breach occurs whenever confidential data is accessed and used in some way (disclosed, copied, altered, destroyed). Common malicious uses include trading the data on the darkweb, decrypting the data to demand a ransom payment, and identity theft. What's malware?Malware is any software developed with the express intent of causing harm. Examples include viruses, trojans, spyware, ransomware, etc. It can also completely take over a computer, putting the criminal in complete control.Common types of malware:Ransomware: type of malware that prevents users or organizations from accessing their files. Hackers demand payment to restore access.Adware: type of greyware (since it does not necessarily have to be malicious) that displays ads to certain users. These ads can be unwanted or malicious.Spyware: malware that secretly monitors and collects information about a user's activities or devices, usually as the first step before another type of attack.Another well-known type of cyberattack are phishing campaigns, in which a hacker pretends to be someone the user knows, or an entity that they trust, in order to get them to click on a malicious link, which can download malware or take the user to a fake website where sensitive information will be requested.On average, a cyberattack occurs every 14 seconds, and the cost of fixing it depends on how quickly the user notices it and how quickly they act. On average, users will take 204 days to notice a cyberattack and another 73 days to contain the breach.In order to prevent an attack, several components are necessary:Strong passwordsMultifactor authenticationLimiting access to accounts & regularly reviewing who has accessAnti-virus softwareRegular vulnerability assessmentsHackers target big and small companies alike, as well as both famous and anonymous people, so it's safest to start improving the cybersecurity of your professional and personal accounts now.The cover portrait was edited by www.smartportrait.io.
On this episode of the Crazy Wisdom podcast, I, Stewart Alsop, sat down once again with Aaron Lowry for our third conversation, and it might be the most expansive yet. We touched on the cultural undercurrents of transhumanism, the fragile trust structures behind AI and digital infrastructure, and the potential of 3D printing with metals and geopolymers as a material path forward. Aaron shared insights from his hands-on restoration work, our shared fascination with Amish tech discernment, and how course-correcting digital dependencies can restore sovereignty. We also explored what it means to design for long-term human flourishing in a world dominated by misaligned incentives. For those interested in following Aaron's work, he's most active on Twitter at @Aaron_Lowry.Check out this GPT we trained on the conversation!Timestamps00:00 – Stewart welcomes Aaron Lowry back for his third appearance. They open with reflections on cultural shifts post-COVID, the breakdown of trust in institutions, and a growing societal impulse toward individual sovereignty, free speech, and transparency.05:00 – The conversation moves into the changing political landscape, specifically how narratives around COVID, Trump, and transhumanism have shifted. Aaron introduces the idea that historical events are often misunderstood due to our tendency to segment time, referencing Dan Carlin's quote, “everything begins in the middle of something else.”10:00 – They discuss how people experience politics differently now due to the Internet's global discourse, and how Aaron avoids narrow political binaries in favor of structural and temporal nuance. They explore identity politics, the crumbling of party lines, and the erosion of traditional social anchors.15:00 – Shifting gears to technology, Aaron shares updates on 3D printing, especially the growing maturity of metal printing and geopolymers. He highlights how these innovations are transforming fields like automotive racing and aerospace, allowing for precise, heat-resistant, custom parts.20:00 – The focus turns to mechanical literacy and the contrast between abstract digital work and embodied craftsmanship. Stewart shares his current tension between abstract software projects (like automating podcast workflows with AI) and his curiosity about the Amish and Mennonite approach to technology.25:00 – Aaron introduces the idea of a cultural “core of integrated techne”—technologies that have been refined over time and aligned with human flourishing. He places Amish discernment on a spectrum between Luddite rejection and transhumanist acceleration, emphasizing the value of deliberate integration.30:00 – The discussion moves to AI again, particularly the concept of building local, private language models that can persistently learn about and serve their user without third-party oversight. Aaron outlines the need for trust, security, and stateful memory to make this vision work.35:00 – Stewart expresses frustration with the dominance of companies like Google and Facebook, and how owning the Jarvis-like personal assistant experience is critical. Aaron recommends options like GrapheneOS on a Pixel 7 and reflects on the difficulty of securing hardware at the chip level.40:00 – They explore software development and the problem of hidden dependencies. Aaron explains how digital systems rest on fragile, often invisible material infrastructure and how that fragility is echoed in the complexity of modern software stacks.45:00 – The concept of “always be reducing dependencies” is expanded. Aaron suggests the real goal is to reduce untrustworthy dependencies and recognize which are worth cultivating. Trust becomes the key variable in any resilient system, digital or material.50:00 – The final portion dives into incentives. They critique capitalism's tendency to exploit value rather than build aligned systems. Aaron distinguishes rivalrous games from infinite games and suggests the future depends on building systems that are anti-rivalrous—where ideas compete, not people.55:00 – They wrap up with reflections on course correction, spiritual orientation, and cultural reintegration. Stewart suggests titling the episode around infinite games, and Aaron shares where listeners can find him online.Key InsightsTranshumanism vs. Techne Integration: Aaron frames the modern moment as a tension between transhumanist enthusiasm and a more grounded relationship to technology, rooted in "techne"—practical wisdom accumulated over time. Rather than rejecting all new developments, he argues for a continuous course correction that aligns emerging technologies with deep human values like truth, goodness, and beauty. The Amish and Mennonite model of communal tech discernment stands out as a countercultural but wise approach—judging tools by their long-term effects on community, rather than novelty or entertainment.3D Printing as a Material Frontier: While most of the 3D printing world continues to refine filaments and plastic-based systems, Aaron highlights a more exciting trajectory in printed metals and geopolymers. These technologies are maturing rapidly and finding serious application in domains like Formula One, aerospace, and architectural experimentation. His conversations with others pursuing geopolymer 3D printing underscore a resurgence of interest in materially grounded innovation, not just digital abstraction.Digital Infrastructure is Physical: Aaron emphasizes a point often overlooked: that all digital systems rest on physical infrastructure—power grids, servers, cables, switches. These systems are often fragile and loaded with hidden dependencies. Recognizing the material base of digital life brings a greater sense of responsibility and stewardship, rather than treating the internet as some abstract, weightless realm. This shift in awareness invites a more embodied and ecological relationship with our tools.Local AI as a Trustworthy Companion: There's a compelling vision of a Jarvis-like local AI assistant that is fully private, secure, and persistent. For this to function, it must be disconnected from untrustworthy third-party cloud systems and trained on a personal, context-rich dataset. Aaron sees this as a path toward deeper digital agency: if we want machines that truly serve us, they need to know us intimately—but only in systems we control. Privacy, persistent memory, and alignment to personal values become the bedrock of such a system.Dependencies Shape Power and Trust: A recurring theme is the idea that every system—digital, mechanical, social—relies on a web of dependencies. Many of these are invisible until they fail. Aaron's mantra, “always be reducing dependencies,” isn't about total self-sufficiency but about cultivating trustworthy dependencies. The goal isn't zero dependence, which is impossible, but discerning which relationships are resilient, personal, and aligned with your values versus those that are extractive or opaque.Incentives Must Be Aligned with the Good: A core critique is that most digital services today—especially those driven by advertising—are fundamentally misaligned with human flourishing. They monetize attention and personal data, often steering users toward addiction or ...
Ever find yourself overthinking a problem until you've thought yourself right into a corner? Yeah, we've been there too. But what if there was a way to cut through the noise and just know when something is a good idea? Enter Miller's Theorem, a simple but sneaky-effective thought experiment that's been kicking around in our conversations for years. It's the kind of thing that sounds like nonsense at first until it doesn't. In this episode, we unpack how a casual visit to a bougie home décor store in Seattle turned into an existential crisis over tariffs, pricing psychology, and whether customers actually care if their overpriced alpaca throw just got 25% more expensive. But it's not just about economics. It's about how we make decisions, avoid self-inflicted complexity, and maybe stop outsmarting ourselves into bad choices. Also on the table: the contrapositive, the dangers of taking political soundbites at face value, and why abolishing the IRS is an idea so catastrophically bad it might actually make the Great Depression look like a mild inconvenience. It's a wild ride through logic, business, and just enough existential dread to keep things interesting. Listen now, then hope over to LinkedIn and tell us what you think! Got a topic you would like to have Rob and Justin cover? Join our Raw Data by P3 Adaptive Steering Committee and let us know! Also in this episode: Pokerbots, Adware, and Burning Man, w/ Brad Miller & Kai Hankinson
Willkommen bei Cyber Mind Hacks! In dieser Themenreihe nehmen Simona und Christian von SoSafe verschiedene Cyberbedrohungen unter die Lupe und erklären, wie du dich effektiv davor schützen kannst. In jeder Episode stellen wir dir einen neuen Begriff aus dem Glossar der digitalen Sicherheit vor und geben dir praktische Tipps für den Alltag. Heute geht es um Adware
Imaginez-vous naviguer tranquillement sur Internet, consultant vos sites favoris, vos e-mails, et peut-être même faisant quelques achats en ligne. Tout semble normal. Pourtant, sans que vous le sachiez, votre ordinateur vient d'être infecté par un logiciel malveillant. Comment ? Grâce à une technique sournoise appelée « drive-by download ». Cette méthode d'attaque, de plus en plus prisée par les cybercriminels, permet d'installer des programmes malveillants sur votre appareil sans que vous ayez à cliquer sur quoi que ce soit. Parmi les menaces exploitant cette technique, FakeBat s'est imposé comme l'un des chargeurs de malware les plus répandus en 2024.Le drive-by download, c'est comme si un cambrioleur entrait chez vous par une fenêtre ouverte pendant que vous dormez. Sauf qu'ici, la fenêtre, c'est votre navigateur web. Il suffit de visiter une page web infectée pour que le téléchargement se déclenche en arrière-plan. FakeBat est un maître de cette technique. Apparu fin 2022, ce chargeur de malware se fait passer pour des logiciels légitimes ou des mises à jour de navigateur. Une fois installé, il ouvre la porte à d'autres malwares, tels que des voleurs d'informations ou des ransomwares.Détecter FakeBat et autres malwares utilisant le drive-by download n'est pas une mince affaire. Ces logiciels malveillants sont conçus pour être discrets et éviter la détection. Cependant, il existe quelques signes avant-coureurs. Si votre ordinateur ralentit soudainement ou se comporte de manière inhabituelle, c'est un premier indice. Si le ventilateur se met à tourner comme un avion alors que votre CPU n'est pas surchargé, il y a anguille sous roche. L'apparition de pop-up ou de publicités intempestives est également un signe d'infection par un Adware. Si votre navigateur vous dirige vers des sites non sollicités, ou si vos amis reçoivent des messages étranges de votre part sur les réseaux sociaux, alors plus aucun doute : vous êtes victime d'une attaque drive-by download. Hébergé par Acast. Visitez acast.com/privacy pour plus d'informations.
Au programme de cette émission :La trouvaille scandaleuse d'un hacker sur l'App StoreLa face cachée de NvidiaLa vérité sur “l'industrie du bundle”Avec Micode, Tiffany Souterre, Roni Carta & Jean-Louis QuéguinerPensez à mettre 5 étoiles pour soutenir l'émission !Écriture : Matthieu Lambda - Roni Carta Hébergé par Acast. Visitez acast.com/privacy pour plus d'informations.
Sam Valencia, Jerry Zigmont and Joe Saponare discuss working with Apple technology and clients. Drawn from their combined experience of over 20 years in the Apple Consultants Network, they discuss technical support issues both with the technology and working with clients.
In today's fast-paced digital age, staying ahead of the curve is not just an advantage; it's a necessity. From the electrifying world of electric vehicles to the intricate web of mobile security, and the visionary influence of Elon Musk, there's a lot to unpack. Join us on this insightful journey as we explore key topics that are shaping the future of technology. 1. Electric Vehicles (EVs): Paving the Way for a Green Future The surge in popularity of electric vehicles is undeniable. We delve into the latest advancements, innovations, and the environmental impact of EVs, providing you with a front-row seat to the future of transportation. 2. Mobile Security: Safeguarding Your Digital Playground In an era dominated by smartphones, understanding mobile security is paramount. From protecting your personal data to thwarting ransomware and adware attacks, we share practical insights to ensure your digital world remains secure. 3. Kochava Chronicles: Navigating the World of Data Brokers Kochava has become a key player in the data ecosystem. Uncover the significance of data brokers and how they impact your online experiences, shedding light on the often opaque world of data trading. 4. Push Notifications: The Power and Perils Push notifications can be a double-edged sword. We explore their potential benefits and the risks associated with malware attacks through these seemingly harmless alerts, providing tips on how to navigate this digital communication channel safely. 5. AI and Its Role in Countering Malware Attacks Artificial Intelligence is at the forefront of the battle against cyber threats. Learn how AI is being leveraged to detect and mitigate malware attacks, ensuring a proactive defense in an ever-evolving digital landscape. 6. BEC Attacks and Elon Musk: Decoding the Phishing Landscape Business Email Compromise (BEC) attacks have become more sophisticated. We uncover the strategies used by cybercriminals, and how the influential figure of Elon Musk is sometimes exploited in these phishing attempts, offering insights to fortify your defenses. As we embark on this knowledge-rich expedition, we invite you to subscribe to the Insider Mail for an exclusive deep dive into these topics and more. Join our community at craigpeterson.com/subscribe to receive regular updates, expert opinions, and actionable tips straight to your inbox. Stay informed, stay secure, and stay ahead in the ever-evolving world of technology. Subscribe today! You can also catch Craig at the following stations and channels: With Jim Polito at 0836 on Tuesdays WTAG AM 580 - FM 94.9 Talk 1200 News Radio 920 & 104.7 FM WHJJ NewsRadio 560 WHYN WXTK Craigs Show Airs 0600 Saturday and Sunday With Jeff Katz 1630 - Tuesdays WRVA 96.1 FM, 1140 AM WGAN Matt Gagnon 0730 Wednesdays Craigs Show Airs 1700 Saturday WGIR 610 & News Radio 96.7 Chris Ryan 0730 Mondays Craigs Show Airs 1130 Saturday On the Internet: Tune-In (WGAN) Radio.com (WRVA) iHeartRadio (WGIR, WTAG, and other stations)
In an era where online threats lurk around every corner, controlling your privacy becomes paramount, whether you're a tech-savvy business magnate or an everyday Internet user. Three words can make all the difference: Control Your Privacy. And where better to start than by exploring the little-known but incredibly potent switches concealed within your Windows system? Join the ranks of the online safety-first-squad and say a resounding YES to harnessing the hidden switches that will turn your digital life from a potential vulnerability into an impregnable fortress. Your online journey is about to transform, and your peace of mind is set to skyrocket. Exploring Key Topics within the Article: First Three Flavors of Mobile Malware Dive deep into the initial three flavors of mobile malware that can put your digital security at risk. Learn how Windows switches can help protect your mobile devices from these insidious threats. Side Loaded Apps Understand the risks associated with side-loaded apps and how you can utilize Windows switches to maintain control over what gets installed on your device. Mobile Ransomware, Adware, and More Uncover the menace of mobile ransomware and adware, and explore how hidden Windows switches offer a shield against these malicious entities. Electric Vehicle Potholes While the focus remains on digital security, consider the unexpected vulnerabilities posed by electric vehicles in the modern world and how they intertwine with the broader cybersecurity landscape. AI Copyright Problems Delve into the intricacies of AI copyright issues and learn how safeguarding your digital assets is a crucial part of maintaining your online privacy. Who Owns the Internet Contemplate the intriguing question of internet ownership and its implications for your online presence. Discover how understanding this concept is integral to your privacy. Unauthorized Derivative Works Unravel the concept of unauthorized derivative works in the digital realm and the implications they can have on your online security. The Legality Examine the legal aspects of digital privacy and cybersecurity, shedding light on what's within the bounds of the law and what isn't. By the end of this article, you'll not only have a grasp of the hidden Windows switches that can enhance your online privacy but you'll also be equipped to navigate the complex web of cyber threats and digital privacy concerns. Your decision to take control of your online life will be well-informed, and your digital well-being will thank you for it. Read the full article here and join the discussion! You can also catch Craig at the following stations and channels: With Jim Polito at 0836 on Tuesdays WTAG AM 580 - FM 94.9 Talk 1200 News Radio 920 & 104.7 FM WHJJ NewsRadio 560 WHYN WXTK Craigs Show Airs 0600 Saturday and Sunday With Jeff Katz 1630 - Tuesdays WRVA 96.1 FM, 1140 AM WGAN Matt Gagnon 0730 Wednesdays Craigs Show Airs 1700 Saturday WGIR 610 & News Radio 96.7 Chris Ryan 0730 Mondays Craigs Show Airs 1130 Saturday On the Internet: Tune-In (WGAN) Radio.com (WRVA) iHeartRadio (WGIR, WTAG, and other stations)
In today's digitally driven world, our smartphones are indispensable extensions of ourselves. They hold our deepest secrets, sensitive information, and personal memories. However, this convenience comes at a price, as these prized possessions have also become prime targets for covert cyber attacks. In this article, we embark on a journey to unveil the hidden dangers lurking in the digital shadows and arm you with the knowledge to safeguard your smartphone effectively. The First Three Flavors of Mobile Malware: Unmasking the Threat Our exploration begins with the first three flavors of mobile malware – a sinister world where malicious software can infiltrate your smartphone without you even knowing. Learn how these stealthy invaders operate and how to detect and eliminate them before they wreak havoc on your device. Beware of Side Loaded Apps: The Trojan Horses of the Digital Age Side-loaded apps, though alluring, can be the Trojan horses that cyber attackers use to breach your smartphone's defenses. We'll delve into the risks associated with these seemingly harmless downloads and provide you with tips on how to distinguish between genuine apps and potential threats. Mobile Ransomware, Adware, and Beyond: The Silent Saboteurs Cybercriminals have evolved, and their tactics have become increasingly sophisticated. We'll dissect the world of mobile ransomware and adware, shedding light on how these silent saboteurs can hold your smartphone hostage and compromise your privacy. Discover strategies to thwart these threats and regain control of your device. Electric Vehicle Potholes: A Surprising Digital Vulnerability In an era of electric vehicles and smart technology, even your car can pose unexpected digital vulnerabilities. We'll discuss the intersection of electric vehicles and cybersecurity, highlighting potential potholes in your EV's digital infrastructure that you should be aware of. AI Copyright Problems: Navigating the Ethical Minefield Artificial Intelligence is reshaping the digital landscape, but it also raises significant ethical concerns, particularly when it comes to copyright. Dive into the complexities of AI-generated content and the legal and ethical challenges it presents. Who Owns the Internet: A Web of Ownership and Control The Internet has become an essential part of our lives, but the question of ownership and control looms large. Explore the intricate web of ownership and influence that shapes the digital realm and its potential impact on your online experience. Unauthorized Derivative Works: The Gray Area of Creativity The digital age has blurred the lines of creative ownership. We'll navigate the gray area of unauthorized derivative works and their impact on content creators and consumers alike. The Legality of Cyberspace: Navigating the Digital Legal Landscape As the digital world expands, so does the realm of digital law. Gain insights into the legal nuances of cyberspace, from data privacy regulations to international treaties that shape the digital legal landscape. With your smartphone as the gateway to your digital world, defending it from covert cyber attacks is paramount. Join us on this enlightening journey as we delve into these intriguing topics, arm you with knowledge, and empower you to outsmart the unseen threats that lurk in the digital shadows. Your smartphone's security is in your hands. Are you ready to take the first step in safeguarding your digital life? Read the full article and arm yourself with knowledge: Shielding Your Smartphone from Stealthy Cyber Attacks You can also catch Craig at the following stations and channels: With Jim Polito at 0836 on Tuesdays WTAG AM 580 - FM 94.9 Talk 1200 News Radio 920 & 104.7 FM WHJJ NewsRadio 560 WHYN WXTK Craigs Show Airs 0600 Saturday and Sunday With Jeff Katz 1630 - Tuesdays WRVA 96.1 FM, 1140 AM WGAN Matt Gagnon 0730 Wednesdays Craigs Show Airs 1700 Saturday WGIR 610 & News Radio 96.7 Chris Ryan 0730 Mondays Craigs Show Airs 1130 Saturday On the Internet: Tune-In (WGAN) Radio.com (WRVA) iHeartRadio (WGIR, WTAG, and other stations) [KEYWORDS] AI, EV, electric vehicles, cybersecurity, mobile, malware, apps, ransomware, adware, internet, smartphones
Video - https://youtu.be/I61Mj5NpVpA According to the Avast Q2 2023 Threat Report, it's evident that adware has made quite a splash. My thanks to Emma McGowan for her informative article. You can find her article at: https://tinyurl.com/2cpcvvud --- Support this podcast: https://podcasters.spotify.com/pod/show/norbert-gostischa/support
Faceless hackers in hoodies, intergalactic warriors, and technology out of human control: are these representations of cyber threats accurate? And what might be their impact on levels of personal safety and security for organisations?This talk presents ideas for how we might empower people to protect themselves and help address human issues in the IT sector by thinking differently about how we portray security threats and operations.A lecture by Victoria Baines recorded on 9 May 2023 at Barnard's Inn Hall, London.The transcript and downloadable versions of the lecture are available from the Gresham College website: https://www.gresham.ac.uk/watch-now/cybersecurity-humansGresham College has offered free public lectures for over 400 years, thanks to the generosity of our supporters. There are currently over 2,500 lectures free to access. We believe that everyone should have the opportunity to learn from some of the greatest minds. To support Gresham's mission, please consider making a donation: https://gresham.ac.uk/support/Website: https://gresham.ac.ukTwitter: https://twitter.com/greshamcollegeFacebook: https://facebook.com/greshamcollegeInstagram: https://instagram.com/greshamcollegeSupport the show
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft Tips to Patch Your Exchange Servers https://techcommunity.microsoft.com/t5/exchange-team-blog/protect-your-exchange-servers/ba-p/3726001 FCC Treatens to Take Action Against Twilio over Robocalls https://www.fcc.gov/document/fcc-takes-mortgage-scam-robocall-campaign-targeting-homeowners PlugX Variant Spreads via USB https://unit42.paloaltonetworks.com/plugx-variants-in-usbs/ Adware in Google Play Store https://news.drweb.com/show/review/?lng=en&i=14652 Tails 5.9 Update https://tails.boum.org/news/version_5.9/index.de.html
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft Tips to Patch Your Exchange Servers https://techcommunity.microsoft.com/t5/exchange-team-blog/protect-your-exchange-servers/ba-p/3726001 FCC Treatens to Take Action Against Twilio over Robocalls https://www.fcc.gov/document/fcc-takes-mortgage-scam-robocall-campaign-targeting-homeowners PlugX Variant Spreads via USB https://unit42.paloaltonetworks.com/plugx-variants-in-usbs/ Adware in Google Play Store https://news.drweb.com/show/review/?lng=en&i=14652 Tails 5.9 Update https://tails.boum.org/news/version_5.9/index.de.html
Twitter & Musk to close buyout, Apple's new iPads, artist burns art for NFTs, AI chatbot for dead loved ones, and more. Semafor.com - A new global news platform for breaking stories and analysis. American Airlines is trying to stop a popular iPhone app Sequence Decoder that's become a 'must have' for its flight attendants. Twitter and Elon Musk make progress on a buyout, and Musk plans to cut 75% of its workforce. The dark side of a super app like WeChat in China. Pocket Casts mobile apps are now open source. Jack Dorsey-founded Bluesky is building a protocol for decentralized social networks. Damien Hirst is burning thousands of his paintings for an NFT project. Adware clicker apps in Google Play have been downloaded over 20 million times. Apple's macOS Ventura and iPadOS 16 will be released on October 24. Apple announced a new iPad and M2-powered iPad Pro, but the iPad lineup now seems like a mess. Apple announced a new Apple TV 4K with an A15 Bionic chip and HDR10+ for $129. More ads are coming to Apple's App Store starting next week. Apple's head of hardware design Evans Hankey is leaving three years after the departure of Jony Ive. NFL and Apple are at odds in Sunday Ticket negotiations. Boeing 787s must be turned off and on every 51 days to prevent 'misleading data' being shown to pilots. Hearing aids can now be sold over the counter in the US. Kanye West is buying the 'free speech platform' Parler. Meta ordered to sell Giphy by UK antitrust watchdog CMA. Are we ready for an AI chatbot that lets us speak to our dead loved ones? Red Bull co-founder and Red Bull Formula One owner Dietrich Mateschitz dies at 78. Host: Leo Laporte Guests: Louise Matsakis, Harry McCracken, and Louis Maresca Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: audible.com/twit or text twit to 500-500 ZipRecruiter.com/Twit shopify.com/twit
Twitter & Musk to close buyout, Apple's new iPads, artist burns art for NFTs, AI chatbot for dead loved ones, and more. Semafor.com - A new global news platform for breaking stories and analysis. American Airlines is trying to stop a popular iPhone app Sequence Decoder that's become a 'must have' for its flight attendants. Twitter and Elon Musk make progress on a buyout, and Musk plans to cut 75% of its workforce. The dark side of a super app like WeChat in China. Pocket Casts mobile apps are now open source. Jack Dorsey-founded Bluesky is building a protocol for decentralized social networks. Damien Hirst is burning thousands of his paintings for an NFT project. Adware clicker apps in Google Play have been downloaded over 20 million times. Apple's macOS Ventura and iPadOS 16 will be released on October 24. Apple announced a new iPad and M2-powered iPad Pro, but the iPad lineup now seems like a mess. Apple announced a new Apple TV 4K with an A15 Bionic chip and HDR10+ for $129. More ads are coming to Apple's App Store starting next week. Apple's head of hardware design Evans Hankey is leaving three years after the departure of Jony Ive. NFL and Apple are at odds in Sunday Ticket negotiations. Boeing 787s must be turned off and on every 51 days to prevent 'misleading data' being shown to pilots. Hearing aids can now be sold over the counter in the US. Kanye West is buying the 'free speech platform' Parler. Meta ordered to sell Giphy by UK antitrust watchdog CMA. Are we ready for an AI chatbot that lets us speak to our dead loved ones? Red Bull co-founder and Red Bull Formula One owner Dietrich Mateschitz dies at 78. Host: Leo Laporte Guests: Louise Matsakis, Harry McCracken, and Louis Maresca Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: audible.com/twit or text twit to 500-500 ZipRecruiter.com/Twit shopify.com/twit
Twitter & Musk to close buyout, Apple's new iPads, artist burns art for NFTs, AI chatbot for dead loved ones, and more. Semafor.com - A new global news platform for breaking stories and analysis. American Airlines is trying to stop a popular iPhone app Sequence Decoder that's become a 'must have' for its flight attendants. Twitter and Elon Musk make progress on a buyout, and Musk plans to cut 75% of its workforce. The dark side of a super app like WeChat in China. Pocket Casts mobile apps are now open source. Jack Dorsey-founded Bluesky is building a protocol for decentralized social networks. Damien Hirst is burning thousands of his paintings for an NFT project. Adware clicker apps in Google Play have been downloaded over 20 million times. Apple's macOS Ventura and iPadOS 16 will be released on October 24. Apple announced a new iPad and M2-powered iPad Pro, but the iPad lineup now seems like a mess. Apple announced a new Apple TV 4K with an A15 Bionic chip and HDR10+ for $129. More ads are coming to Apple's App Store starting next week. Apple's head of hardware design Evans Hankey is leaving three years after the departure of Jony Ive. NFL and Apple are at odds in Sunday Ticket negotiations. Boeing 787s must be turned off and on every 51 days to prevent 'misleading data' being shown to pilots. Hearing aids can now be sold over the counter in the US. Kanye West is buying the 'free speech platform' Parler. Meta ordered to sell Giphy by UK antitrust watchdog CMA. Are we ready for an AI chatbot that lets us speak to our dead loved ones? Red Bull co-founder and Red Bull Formula One owner Dietrich Mateschitz dies at 78. Host: Leo Laporte Guests: Louise Matsakis, Harry McCracken, and Louis Maresca Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: audible.com/twit or text twit to 500-500 ZipRecruiter.com/Twit shopify.com/twit
Twitter & Musk to close buyout, Apple's new iPads, artist burns art for NFTs, AI chatbot for dead loved ones, and more. Semafor.com - A new global news platform for breaking stories and analysis. American Airlines is trying to stop a popular iPhone app Sequence Decoder that's become a 'must have' for its flight attendants. Twitter and Elon Musk make progress on a buyout, and Musk plans to cut 75% of its workforce. The dark side of a super app like WeChat in China. Pocket Casts mobile apps are now open source. Jack Dorsey-founded Bluesky is building a protocol for decentralized social networks. Damien Hirst is burning thousands of his paintings for an NFT project. Adware clicker apps in Google Play have been downloaded over 20 million times. Apple's macOS Ventura and iPadOS 16 will be released on October 24. Apple announced a new iPad and M2-powered iPad Pro, but the iPad lineup now seems like a mess. Apple announced a new Apple TV 4K with an A15 Bionic chip and HDR10+ for $129. More ads are coming to Apple's App Store starting next week. Apple's head of hardware design Evans Hankey is leaving three years after the departure of Jony Ive. NFL and Apple are at odds in Sunday Ticket negotiations. Boeing 787s must be turned off and on every 51 days to prevent 'misleading data' being shown to pilots. Hearing aids can now be sold over the counter in the US. Kanye West is buying the 'free speech platform' Parler. Meta ordered to sell Giphy by UK antitrust watchdog CMA. Are we ready for an AI chatbot that lets us speak to our dead loved ones? Red Bull co-founder and Red Bull Formula One owner Dietrich Mateschitz dies at 78. Host: Leo Laporte Guests: Louise Matsakis, Harry McCracken, and Louis Maresca Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: audible.com/twit or text twit to 500-500 ZipRecruiter.com/Twit shopify.com/twit
Twitter & Musk to close buyout, Apple's new iPads, artist burns art for NFTs, AI chatbot for dead loved ones, and more. Semafor.com - A new global news platform for breaking stories and analysis. American Airlines is trying to stop a popular iPhone app Sequence Decoder that's become a 'must have' for its flight attendants. Twitter and Elon Musk make progress on a buyout, and Musk plans to cut 75% of its workforce. The dark side of a super app like WeChat in China. Pocket Casts mobile apps are now open source. Jack Dorsey-founded Bluesky is building a protocol for decentralized social networks. Damien Hirst is burning thousands of his paintings for an NFT project. Adware clicker apps in Google Play have been downloaded over 20 million times. Apple's macOS Ventura and iPadOS 16 will be released on October 24. Apple announced a new iPad and M2-powered iPad Pro, but the iPad lineup now seems like a mess. Apple announced a new Apple TV 4K with an A15 Bionic chip and HDR10+ for $129. More ads are coming to Apple's App Store starting next week. Apple's head of hardware design Evans Hankey is leaving three years after the departure of Jony Ive. NFL and Apple are at odds in Sunday Ticket negotiations. Boeing 787s must be turned off and on every 51 days to prevent 'misleading data' being shown to pilots. Hearing aids can now be sold over the counter in the US. Kanye West is buying the 'free speech platform' Parler. Meta ordered to sell Giphy by UK antitrust watchdog CMA. Are we ready for an AI chatbot that lets us speak to our dead loved ones? Red Bull co-founder and Red Bull Formula One owner Dietrich Mateschitz dies at 78. Host: Leo Laporte Guests: Louise Matsakis, Harry McCracken, and Louis Maresca Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: audible.com/twit or text twit to 500-500 ZipRecruiter.com/Twit shopify.com/twit
Walmart has entered the metaverse, Tesla has a new Robot, Nate listens to a lot of podcasts, and so much more on this episode. We've got some great tips and picks for you, all so you can get out there and tech better. Followup: Amazon Thursday Night Football postcard (00:45) Lime scooters in Tualatin (02:10) PocketCasts 4 years (03:35) Google is shutting down Stadia (07:25) Bruce Willis denies selling his digital likeness to firm (09:05) Meta to cut headcount for the first time, slash budgets (11:05) Walmart enters the meta verse with Roblox experiences aimed at younger shoppers (12:05) Dave's Pro Tip of the Week: Saying “Reply with audio” to Siri (13:10) Bonus Pro Tip: Check out the Mac Geek Gab Podcast! (15:25) Takes: Elon Musk unveils Tesla prototype humanoid Optimus robot (17:35) Everything Amazon announced at its September hardware event - Amazon October Prime Day (20:40) Meta cracks down on ad-free Instagram client a day after it launched (30:30) Adware on Google Play and Apple Store was installed 13 million times (31:20) Bonus Odd Take: Music for Programming (34:05) Picks of the Week: Dave: Firefox Web Browser (35:25) Nate: The Office Somehow We Manage Game (38:00) Find us elsewhere: https://www.notnerd.com https://www.youtube.com/c/Notnerd https://ratethispodcast.com/notnerd https://www.tiktok.com/@notnerdpod https://www.twitter.com/n0tnerd/ https://www.instagram.com/n0tnerd https://www.facebook.com/n0tnerd/ info@Notnerd.com Call or text 608.618.NERD(6373) If you would like to help support Notnerd financially, mentally, or physically, please contact us via any of the methods above. Consider any product/app links to be affiliate links.
This week, we chat about the following tech news that matters: GTA6 Source Code LeakedGTA London 1969 Snapchat Web Rolls Out to All Users Microsoft Edge Displays Adware in News Feed We also look at this amazing Google Maps feature:Visit the Past in Google Street ViewWe finish the show with the following recommendations: Splatoon 3 Total Recall (2012) Christian Cawley and Ben Stegner host the show. Follow them on Twitter (@thegadgetmonkey and @stegnersaurus) for updates and even make suggestions for future topics.Don't forget to subscribe to the Really Useful Podcast on Apple Podcasts for more tech news and tips for technophobes!
I spent the weekend at the Southern Fried Gaming Expo playing arcades and pinball games! I also hosted two panels, one of which about speedrunning will be hitting YouTube soon. Unity has merged with ironSource, a known adware provider. They are doing this because they need to be able to generate revenue so their investors will stop suing them. Then we have open discussion about E3 being taken over by ReedPOP, and the current state of the G4 TV network compared to when I was involved with it. PROGRAMMING NOTE: DURING THIS EPISODE I REFER TO TAKING A WEEK OFF. PLANS HAVE CHANGED. Due to medical conditions and quarantine, we have opted to move our trip to the following weekend, so there WILL be a live show on July 24th on the 17th anniversary of this podcast, and there will NOT be a live show on July 31st.
The Question of the Week- I am seeing a lot of unusual ads on my Android, what do I do about it? Also: The best jobs in technology Getting started in Tech without experience
¡Aprende SecTY! Consecuencias de un Ransomware Ser víctima de un ataque cibernético, sobre todo de un ransomware tiene consecuencias negativas, sin embargo, nadie le gusta hablar de eso. ¿Cuál es el impacto en tu negocio si fueses víctima de un ransomware? ¿Lo has pensado? Un ransomware es un tipo de ataque cibernético donde se utiliza el método de ingeniería social en la mayoría de las veces. Puede llegar por medio de un correo electrónico, visitando algún sitio web infectado, que exploten vulnerabilidades en algún dispositivo den tu red como un servidor, algún anuncio (Adware) malicioso o infectado en alguna página web que visites. En su mayoría llegan o se activa gracias a un usuario que recibió un correo electrónico que parece legítimo que contiene un enlace o archivo adjunto. Al presionar el enlace o abrir el documento, todo queda bloqueado en tu red. Desde que el enlace se descarga, un programa secuestra tus datos como rehén. Y ofrecen un rescate por liberar los datos por una cantidad de dinero a cambio. Las consecuencias e impacto que tiene un ataque como el de un ransomware pueden ser varias, pero en el episodio 2.17 te explico cuáles son las más importantes y que pueden afectar grandemente tu negocio. Si deseas capacitar a tus empleados en que hacer o no hacer sobre seguridad de información en tu negocio, escríbeme a itsec@sectycs.com para poder ayudarte porque ofrecemos capacitación de seguridad a grupos de usuarios para pequeños negocios. *****LLENA LA ENCUESTA: https://forms.office.com/r/ZvgRWGvrm7 Episodios relacionados: Ep 29: Como prevenir un ransomware cuando trabajas remoto: https://aprendesecty.libsyn.com/ep-29-como-prevenir-un-ransomware-cuando-trabajas-remoto Ep 30: 4 Claves para recuperarte de un ransomware: https://aprendesecty.libsyn.com/ep-30-4-claves-para-recuperarte-de-un-ransomware Recuerda: Si quieres la nueva guía de como aprender a identificar un phishing email escríbeme a itsec@sectycs.com o por medio de mensajes directos en Instagram o Facebook. @SECTYCS Entra a nuestra página de Aprende SecTY https://www.aprendesecty.com para que puedas obtener las guías, tips y pasos que ya he compartido anteriormente de manera GRATIS. Síguenos en Facebook, Instagram, Twitter y LinkedIN como: @SecTYCS SUSCRIBETE en nuestro canal de YouTube Aprende SecTY: https://www.youtube.com/channel/UC1E9yilgLf5HZMQVDf_ViRw Envíame tus preguntas o recomendaciones a: itsec@sectycs.com Deja tu reseña en iTunes/Apple Podcast y compártelo con personas que necesiten mejorar la seguridad en su negocio y en su vida. Puedes escucharnos también por medio de: iTunes/Apple Podcast, Spotify, Stitcher, Google Podcast, Amazon Music y iHeartRadio. *****LLENA LA ENCUESTA AQUI /: https://forms.office.com/r/ZvgRWGvrm7
We know SEO works. We know influencer marketing works. We know affiliate marketing works. In 2022, these three come together to give your business the extra boost needed to outperform your competitors. And, we're going to help you capitalize on these tactics. Adam Riemer, CEO of Adam Riemer Marketing, and Regina Fischedick, Senior Partner Manager of Refersion, join me on the SEJ Show to talk about powering your marketing strategy. Get inside information on leveraging SEO, plus influencer marketing's merge with affiliate marketing, to supercharge your campaigns. Your affiliate marketing channel can definitely enhance your SEO strategy, and there are definitely more than one or ten ways for them to work together in perfect harmony.–Regina Fischedick, 12:36 It is important to know if they can track each of the touchpoints in each of the conversions you want.–Adam Riemer, 38:18 So if you can go out and help a publisher get a much better result from what they're doing on the advertising side, that makes all the sense in the world. It helps them, it helps you, and even allows you maybe squeeze in some other deals that they may have said no to previously just because you have such a great relationship with them.–Loren Baker, 31:04 [00:00] - Background of Adam and Regina. [06:00] - SEO and affiliate marketing opportunities publishers may be overlooking. [14:56] - Does affiliate traffic help Google in terms of SEO? [19:26] - The difference between affiliate marketing and influencer marketing. [22:18] - How can influencers be more involved in a brand, and do review tools help with conversion? [26:00] - Are influencers mirroring what they do on social media in their blogs? [35:46] - Ways to track the data from the influencers you work with. [42:11] - Coupons: Are they a good thing? [1:01:07] - Tips to help your SEO/affiliate/influencer marketing efforts work together. Resources mentioned: Yotpo - https://www.yotpo.com/ Opt-in monster - https://optinmonster.com/ Refersion: https://www.refersion.com/ Adam's Agency: https://www.adamriemer.me/ The influencers can be your affiliates, and both can be part of a strategic performance marketing mix to drive brand awareness and conversions for your brand.–Regina Fischedick, 21:09 Do not worry about audience size. Worry about the actual audience.–Adam Riemer, 26:45 Look at your actual data, see what is happening, who's creating their spikes of traffic and sales, who are following along. If you remove them, do your sales fall? Figure out your data because each company is unique.–Adam Riemer, 1:04:31 For more content like this, subscribe to our YouTube channel: https://www.youtube.com/user/searchenginejournal Are you looking to keep up with current and effective digital marketing today? Check out https://www.searchenginejournal.com for everything you need to know within the digital marketing space and improve your skills as an internet marketer. Connect with Adam Riemer Adam Riemer is a true expert with more than a decade of experience in online marketing. He has helped clients achieve transparent and measurable results in SEO, Affiliate Marketing, Adware detection, PPC, and Sales Funnel management throughout his career. Connect with Adam on LinkedIn: https://www.linkedin.com/in/adam-riemer-9623732/ Follow him on Twitter: https://twitter.com/rollerblader Connect with Regina Fischedick Regina's B2C client experience services span over 12 years, leveraging best practices and developing customized solutions that meet their business objectives. She also utilizes digital, social, print, and media channels to meet clients' objectives. Connect with Regina on LinkedIn: https://www.linkedin.com/in/reginafischedick/ Connect with Loren Baker, Founder of Search Engine Journal Follow him on Twitter: https://www.twitter.com/lorenbaker Connect with him on LinkedIn: https://www.linkedin.com/in/lorenbaker
How Ransomware, Trojanware, and Adware Hurt You. And Why ExpressVPN Isn't Safe to Use. Ransomware, Trojanware Adware. What's the difference between these different types of malware.? And when it comes down to our computers, which should we worry about the most and which should we worry about the most? [Automated Transcript Follows] [00:00:17] There are a lot of different types of malware that are out there and they're circulating and scaring us. [00:00:23] And I think for good reason, in many cases, ransomware of course, is the big one and it is up, up, up. It has become just so common. Now that pretty much everybody is going to be facing a serious ransomware attack within the next 12 months. The numbers are staggering. And what are they doing while now they're getting you with the double whammy. [00:00:50] The first whammy is they encrypt your data. Your computers are encrypted, everything on them. So you can't use them anymore. Bottom line. Yeah, they'll boot they'll run enough in order to be able for you to pay that ransom. But any document that you might care about, any PDF, any word doc, and the spreadsheet is going to be encrypted. [00:01:14] And the idea behind that is. You have to pay in order to get that decryption key about 50% of the time. Yeah. About half of the time. Even if you pay the ransom, you'll get your data back the rest of the time. No, you you'll never see it again. So what do you do about that type of ransomware? Well, obviously most people just pay the rent. [00:01:39] But that's gone up as well. We've seen over a hundred percent increase in the amount of ransom people happy. So what's the best thing to do. What's the easiest thing to do in order to help you with this type of ransomware while it's obviously to have good backups. Now I'm going to be doing a bootcamp. [00:02:00] We're going to talk about this and a workshop. I really want to get going with these one week long workshops. So we'll do a, at least a couple of times a month in these boot camps that we'll do pretty much every week here, but they're coming up fairly soon. You'll only know about them. If you are on my email list, that is Craig peterson.com and the number one thing that you can do to. [00:02:27] You when you're hit with this type of rent somewhere, because if you're not taking all of the other precautions, you should be digging under really good that you're going to get hit the better than 50%. And once you do is have a good backup, and I want to warn everybody because I've seen this again and against people just keep making this mistake, probably because they don't get it. [00:02:51] They don't understand why and where and how, when it comes to ransom. The mistake is they do a backup to a local desk. Now, many times the backup is on a thumb drive or USB drive. So you just go to the big box store. You go to Amazon, you order an external drive. You're just amazed how cheap they are. [00:03:16] Nowadays. Once you've got that drive, you plug it in. You turn on some backup software. Maybe it's something you've used for some years, maybe. If you have a Mac, you're just using the built-in backup software. Even the windows operating system now comes with some built-in backup and you think you're off and running because every so often it back. [00:03:40] If we're using a Mac is smart enough to not only back up your whole machine, but as you're editing files, it's going to go ahead and make a backup of that file as you're editing it. So if there is a crash or something else, you're not going to lose much. I just love the way apple does that. Huge problem. [00:03:59] Because if the disc is attached to your machine, or let's say that disc is on a file server, cause you're smart, right? You set up some network attached storage of some sort and your machine has access to it. And so you're sending it off of your machine to a central. Well, you still got a problem because if your machine can read or more particularly right to a location on your network or locally, that ransomware is going to also encrypt everything, it can find there. [00:04:37] So, if you are sharing a network drive and you get ransomware, when you remember the odds are better than 50%, you're gonna get it. Then what happens? What would this type of ransomware it not only encrypts the files on your computer, but encrypts them on the backup as well. And it also encrypts them on any of the. [00:04:58] File servers or network attached storage the, to have on your network. So now everything's encrypted. You wonder why someone and people pay the ransom? Oh, that's a large part of the reason right there. And I keep saying this type of ransomware because there isn't another type of ransomware and they usually go hand in hand. [00:05:21] The bad guys were not making enough money off of holding your files. Rants. So the next thing the bad guys have done is they've gone to a different type of extortion. This one is, Hey, if you don't pay us, we are going to release your files to the world. Now they might do it on a dark website. They might do it on a publicly available site, which is what many of them are starting to do now. [00:05:51] And you're going to either be embarrassed or subject to a lot of fines or both, because now if your files have. Confidential information. Let's say it's your intellectual property. Now, anybody who bothers to search online can find your intellectual property out there. If you have anything that's personally identifiable information. [00:06:18] And it gets out. Now you are subject to major fines. In fact, in some states like California and Massachusetts, you are subject to fines. Even if the bad guys don't post it online. So that's the second type of ransomware and it's a bad type. And usually what'll happen is the bad guys, get their software on your machine and they can do it in a number of different ways. [00:06:45] One of the popular ways to do it now is to just break in because. Our businesses, we've, we've set up something called remote desktop, and we're using remote desktop for our users to get in. And maybe we're using some form of a VPN to do it with, or maybe we've made the mistake of using express VPN. And, uh, we have that now connected up to our homes and we think that that's keeping us safe. [00:07:13] And I got a few things to say about that as well. These VPN services. What happens now while Microsoft remote desktop has been under major attack and there are some major flaws. Some of these were patched more than a year ago now, but according to recent studies, 60%, almost two thirds of businesses have not applied the patches. [00:07:42] You know, th this is basic stuff. And I understand how hard it can be and it can be confusing and you can break your systems, but you have to weigh that against well, what's going to happen if our systems are broken into, because we didn't apply the patch. So that's the second type of ransomware and that's what most people are afraid of and for good reason. [00:08:07] And one of the things we do for businesses and we do ransomware audits, we have a look at your systems, your firewalls, et cetera, and make recommendations to. Man. I got to talk about this too, cause it really upset me this week. I signed up for a webinar just to see what was going on. There's a company out there that sells these marketing systems to managed services providers. [00:08:33] And I, I, I had to turn it off like instantly because it was just such. Garbage that they were telling managed services providers MSPs to do. I couldn't believe it. So this guy was talking about how, again, I turned it back on and I said, Hey, I've got to watch us anyways, because I need to know what's going on. [00:08:54] And this guy was telling these managed services providers, how they can double their clothes. I couldn't believe this guy. Cause he was saying that what they do is they offer to do a ransomware audit for businesses and they say, normally we charge $6,000 to do a ransomware audit, but I tell you what we'll do it for you for. [00:09:20] Now, this is a guy that he had an MSP managed services provider. Apparently he had started it and he was bringing in more than $1 million per month in revenue. Can you imagine that monthly recurring revenue over a million dollars? And so he's telling people businesses, Hey, I have a $6,000 audit that we'll do. [00:09:47] For free, Hey people, how long have we said, if you're not paying for something your, the product remember Facebook, right? Google, Instagram, all of those guys, Twitter, you don't pay for it, but your information is the product. So what's this guy doing well, guess what? His audit, it's going to show his audit. [00:10:10] It's going to show that you need him. And he's sucked in hundreds of businesses and he didn't even know what he was doing when it came to the audits or protecting them. It is insane. What's going on out there. I am ashamed of my industry, absolutely ashamed of it. You know, I've got my first attack, successful attack against my company back in 91 92. [00:10:42] And I learned this stuff because I had to, and I help you guys because I don't want you to get stuck. Like I was so important, important word of advice. If you want to nod it, go to someone that charges you for the audit. That's going to do a real one. It's going to give you real advice that you can really need and use rather than, Hey, you knew do use me. [00:11:11] Because my free audit tells you so, so many scams. [00:11:15] What is ad where in what is crypto, where these are two types of real, kind of bad things. Won't gray areas, things that are hurting us, our mobile devices, our businesses. And our homes. [00:11:32] Adware is also a type of malware that's been around a long time. But it does live in a gray area. [00:11:42] And that gray area is between basically marketing and, uh, well outright fraud. And I don't even want to call it just marketing because it's very aggressive market. What they will do with add where is they? They will have some JavaScript code or something else that's embedded on a webpage, and that's usually how you get it. [00:12:09] And then once it's in, in your browser, it sits there and it pops up things. So it'll pop up an ad for this, pop up an ad for that, even if it's. Uh, part of the site that you're on right now, and it can live for months or years on your computer. We've known for a long time about ad where on the windows environment and how it has just been just terribly annoying at the very least Microsoft and genetic Explorer. [00:12:40] One of the worst web browsers ever. Perpetrated on humankind was well-known for this. And of course, Microsoft got rid of internet Explorer, and then they came up with her own symposer browser, the edge browser that was also openly scorned. And so Microsoft got rid of their edge browser and switched over to basically Google Chrome chromium, and then changed his name to the edge browser. [00:13:11] And so you think you're running edge, but you're kind of not, you kind of are. So they did all of that in order to help with compatibility and also to help with some of these problems that people have had using that Microsoft browser online, very, very big problems. So what can you do about it and what does it do to you and where can be very. [00:13:37] You might've had it before words always popping up again and again and again on your browser, just so crazy knowing it it's insane, but it can also be used to spy on where you're going online and potentially to, to infect you with something even worse. Sometimes some of this ad where we'll purposely click on ads, that the people who gave you the ad were, are using as kind of like a clickbait type thing. [00:14:09] So you go to a website and it was. Automatically click certain ads and click on unbeknownst to you, right? It's as though you went there so that people have to pay for that ad. And sometimes aids are very, very complicated. Sometimes they'll use. In order to drive a competitor out of business or out of the market, because the ads are so expensive because so many people are supposedly clicking on the ads. [00:14:40] But in reality, you didn't click on the ad. You're not going to see that page that you supposedly clicked on, and it's going to cost that advertiser money, whole bunch of money. You might not care. Right. But it is. Ad ware over on the Mac, however, is the only real malware menace at all I had to where is something that choosed fairly frequently on the Mac? [00:15:09] It is pretty darn easy to get rid of. And as a general rule, it doesn't work very well on the Mac. Although I have seen some cases where it got very, very sticky. Where someone ended up installing it, it wasn't just running in the browser, but they installed it on their Mac, which is something you should never do. [00:15:29] But apple has some things in place to help stop any of this from happening. And it's gotten a lot better. I haven't seen this problem in a couple of years, but apple is using the signature based blocking technology called export. They also have at apple, this developer based notarization of apps. And so the run of the mill malware, which includes most of this Al where really can't find a foothold. [00:15:57] But I want to remind everybody that if they can get Al add where onto your computer, they might be able to get something worse. So you really got to keep an eye out for no two ways about it. There are some companies out there, for instance, there's this one. Parrot, which is a program linked to this Israeli marketing firm that gains persistence on your browser and potentially could gain root access to the Mac system. [00:16:30] So careful, careful on all fronts now. Anti-malware stuff that we use for our clients is called amp, which is an advanced malware protection system. That's been developed by our friends over at Cisco it's amp is very, very good. Unfortunately, you cannot get it unless you buy it from somebody like us and you have to buy so many seats for some of this stuff, it gets gets expensive quickly. [00:17:00] Um, if you can't do that much, a lot of people like Malwarebytes, there are some very good things about it, but be careful because in order for this to work, this is Railey parrot software to work. It has a fake install. So again, it's just be careful if you know how apple installed software, you know that unless you have instigated it, it's not going to be installed. [00:17:30] You're not just going to see an installer. And say, Hey, we're apple install us. Right? Apple just does it in the background when it comes to updates patches. But they're very sneaky here trying to install things like the Adobe floor. Player, which has been deprecated. Deprecated is completely now gone from Mac systems and from windows systems, you should not be using flash at all anymore. [00:18:02] It was very, very bad. So up becomes you, you go to wound stole the leaders flash player, or, and I'm sure they're going to change this or something else, right? It won't be flashed in a future. It'll be a Adobe. Would you also don't need on a Mac. So anyhow, that's what you got to be careful of ad were still a big problem in windows. [00:18:25] Not much as much as it used to be. Uh, thanks to the change to Google Chrome, which Microsoft has rebranded as of course its own edge browser. Much of a problem at all on Macs, but be very, very careful in either platform about installing software that you did not start installing. Now earlier this year, there's a security firm called red Canary that found something that's been named silver Sparrow. [00:18:58] That was on a. 30,000 Mac computers. And apparently the developers for this malware had already adapted it to apples and one chip architecture and have distributed this binary, this program as a universal binary. Now in the macro, the member doesn't just use Intel. It used to use power PCs and then it used Intel. [00:19:21] And now it's using its own architecture for the chips themselves. So a universal binary is something that will run on Mac Intel based and Mac architecture base. But, uh, the bottom line is that this proof of concept. Malware, if you will had no payload. So we know it's out there, we seen it now on almost 30,000 Mac computers, but at this point it's not really doing much, much at all. [00:19:53] So. These are malicious search engine results and they're directing victims to download these PKGs, which are Mac packaged format installers based on network connections from your browser shortly before download. So just be very careful about all of that. It can be something as annoying as malware or something as a malicious. [00:20:17] Well, potentially as ransomware. Particularly if you're running windows, Hey, if you want to find out more about this, if you want to get into some of my free courses here, we got free boot camps coming up. Make sure you go to Craig peterson.com/subscribe. More than glad to send you my show notes, a little bit of training, and of course, let you attend these free bootcamps that are now to sell you stuff, but solve problems for you. [00:20:49] Hey, if you use VPNs to try and keep yourself safe, particularly if you use express VPN. Wow. What just came out is incredible. It is anything but safe and secure. [00:21:06] Express VPN was purchased by a company called Cape K A P E. Cape is a company that had changed its name because oh, things were bad. [00:21:19] Right. It was originally founded under the name of cross writer. And you might've seen notices from your anti-malware software over the years for everything from Malwarebytes on saying that, oh, it blew up. To this cross writer piece of malware, most of the time it's ad ware, but it is really interesting to see because this company was founded by a person who was part of the Israeli secret service. Right? So it wasn't of course not. It's not called the secret service over there in Israel. And it, frankly, it compares to our NSA, you know, no such agency. Yeah. It's part of unit 8,200 in the Israeli intelligence military. And it's been dubbed, of course, Israel's NSA. Teddy Saggy, which was one of these investors also was mentioned in the Panama papers. [00:22:24] Remember those? We talked about those back in 2016, those were leaked and that showed these law firm, this one particular law firm in panel. And that we're sheltering assets for people all over the world. And so now that express VPN is owned by this company that is, this company built entirely by intelligence agents for almost a billion. [00:22:55] Dollars in cash and stock purchases. That's a much, they sold express VPN for almost a billion dollars, which is kind of crazy when you think of it as a VPN service, but makes a lot of sense. If you're going to want to monitor what people are doing, where they're going, maybe even break into their systems or better choice than a VPN provider and the. [00:23:20] The company has been buying up VPN providers and is now the proud owner of express VPN. If you attended my VPN workshop that I had, oh, it's probably been a year and I'm going to start doing these again. I promise, I promise. I promise, but you know how much I just like VPNs. In fact, one of you guys, I'm sorry, I forgot your name. [00:23:46] Send me. A couple of weeks ago now about VPNs and saying, I know how much you disliked VPN look at this article. And it was talking about this whole thing with express VPN. So they just now all over the place, the discussions online about what. Been to hear who the founder was, the CEO, the CTO, this growing portfolio that they have in Sunbrella of ownerships, that now is centralized in a multiple VPNs. [00:24:15] Now, Cape technology only started acquiring VPN companies about four years ago. And they've been in business now for over a decade. And what were they doing before? They started buying VPN companies? While they own VPN companies. Oh, they were a major manufacturer and distributor of. Malware of varying types. [00:24:40] Now the first part of the show today, of course, I was explaining some of the differences, like ad words, et cetera, so that you could understand this story. Right? Ghulja that? So you can understand this. That's what these guys have been doing. It's absolutely crazy. So the F the co-founder of Cape technology and former CEO started his career in information technologies while serving in the Israeli defense forces. [00:25:08] As I mentioned, Israeli intelligence Corps under unit 8,200 it's that unit is responsible for. Dean what's called signal intelligence and data decryption. Now we have signal intelligence here as well, and that's basically intercepting signals, figuring out what's being said, what's going on? Where they are, the size of the forces, et cetera. [00:25:32] I have a friend of mine, a young lady who is in signal intelligence in, I think it's the Navy, but every part of our military has it is. However, our military doesn't directly control VPM services like express VPN that can be used in a very big spike capacity. That's what I'm really concerned about. Now. I also, I found an interesting article on zero hedge about this, uh, you know, this company express, VPN being acquired. [00:26:06] But they're also pointing out that companies that were founded by former operatives of unit 8,200. That again, the Israeli version of the NSA included. Ways Elbit systems, which is right in my hometown of Merrimack, New Hampshire and slews of other startups now ways. Right. I, I used ways I recommended people to use it and of course, Google bought it a few years back and that's when I stopped using it, but it was really nice. [00:26:39] It worked really well. And I had no idea the information was likely going to. The Israeli defense Corps. Oh my goodness. There's spy agencies, uh, and a bunch of other startups, by the way. It's estimated that there have been over 1000 stack tech startups that came out of the people working at unit 8,208. [00:27:07] Again, they're CIA NSA, uh, guys, their spine on everybody. You can, you believe that? And they've been bought by a mentioned Google, but other companies like Kodak, PayPal, Facebook, Microsoft have bought them. So in addition to the thousands of companies, according to zero. Uh, unit 8,200 has also fostered close working relationship with the U S government, which you would expect, right? [00:27:33] Edward Snowden. You remember him? He disclosed leaked documents. He obtained, which included an agreement between the NSA and the Israeli defense force. The agreement showed that the U S intelligence. Agency would share information. It collected under domestic surveillance operations with it. Israeli counterpart. [00:27:53] You remember we talked before about the five eyes, seven eyes searching eyes. It's up in the twenties. Now these countries that spy on each other citizens. For the other countries, right? Yeah. Your information might not be collected by the U S government, but the U S government gets it by buying it from private contractors, which it says it can do because we're only barred from collecting it ourselves. [00:28:17] We can use private contractors that collected on you. And also by going in partnership with foreign government. Because again, we can't collect that information, but we can certainly have the Israelis or, or the Brits or the Australians or Canada. They could collect it from. Can you believe this, how they're just stretching these rules to fit in what they want to fit. [00:28:39] Okay. Completely ignoring not only the constitution, but the laws of the United States. It's, it's just absolutely incredible. So critics of this unit, Eddy 200 attested that the Israeli intelligence outfit routinely uses the data received from the NSA by providing it to. Politicians Israeli politicians for the basics of blackmailing. [00:29:06] Yes. Blackmailing others. Yes. Indeed. Other whistle blowers have revealed any two hundreds operations have been able to disrupt Syrian air defense systems, hack Russia. Cap Kaspersky labs. You remember I told you guys don't use Kaspersky antivirus and has outfitted several Israeli embassies with Glendale, seen surveillance systems, cleanse Stein. [00:29:31] However you want to pronounce it. By the time Cape technologies acquired his first VPN company. Uh, the CE original CEO had left and he went on to found cup pie before leaving as it CEO in 2019, it goes on and on, uh, bottom line gas, SWAT express VPN, which is advertised by so many conservatives. Now looks like it is actually part of a spy operation. [00:30:01] So sign up now. Craig peterson.com. Craig peterson.com/subscribe. You're going to want to attend my free VPN webinar. Hey, I don't have anything to sell you when it comes to VPNs. I just want you to know the truth. [00:30:17] Labor shortages are making businesses turn direction. And now that we're laying off people or firing them because they didn't take the jab, what are businesses going to do? Well, I have news for you that reduced workforce, well, guess what?. [00:30:34] U.S. Businesses are really seriously moving to automation. [00:30:39] Now they've been doing this since the start of this whole lockdown. They were doing it even before then. I tell the story of when I was in France, a boom went four or five years ago now, and I stayed off the beaten path. I was not in the touristy areas. I speak French. So I went just where the. I decided to go, my wife and I, so we rented a car and we spent a month just kind of driving around where do we want to go next to, or do we want to go next? [00:31:08] It was a whole lot of fun. And while we were there on a Sunday, I came to realize that these small French towns have no restaurants open on Sunday, nothing at all, talking about a bit of a culture shock. That's not true. There was one restaurant opened in the town and that restaurant was, and McDonald's. [00:31:30] So when I go to McDonald's here a few years ago in France, central France. And when I walk in, there's nobody at the counter, but they're all. Oh, half a dozen kiosks out front. So you go and you order your hamburger, whatever might be, or your drinks, et cetera, right there in the kiosk, you pay for them riding the kiosk. [00:31:53] And there's some people working out back that are then making the hamburgers or the milkshakes or coffee, whatever you ordered and bringing it up to the front. And then they just put her right there for you to grab that simple. And this was of course, pre. Down days, I assume that it has gone even more automated. [00:32:14] Uh, they're in France, but hard to say. And I've seen the same thing here in the us. I was out in Vermont just about a month ago and I was riding with a buddy of mine, motorcycle riding, couple of buddies, actually. And we stopped in this small. Town. And we went to this little breasts, breakfast restaurant and the breakfast restaurant had maybe four or five tables inside. [00:32:42] And you just sat at the table. No waitress came up, but there's little sign with the QR code. So it said a scan, the QR code to get started. So you scanned it, it knew based on the QR code, which table you were at, and it showed you the menu that was in effect right then and there. So the lunch menu or the breakfast or the all day, you got to pick it and then you selected what you wanted. [00:33:08] It used whatever payment you wanted. I used apple pay. And in order to pay for my breakfast and my buddy ordered what he wanted. And then out came a waitress who delivered the food. Once it was already in the drinks, it was very automated. It allowed them to cut back on some people and others, this small restaurant, they probably had one last waitress, but when you kind of had in the shifts. [00:33:33] Days and vacation days is probably two waitresses. So they're saving some serious money because a system like this that you just scan a QR code and do the order and it prints up in the kitchen is cheap compared to hiring. Well, of course, it's hard to hire people, especially in the restaurant industry nowadays heck and in my business where we go in and we do analysis of computer networks and systems, it's almost impossible to find people that are really well qualified that understand the regulations that apply to these different businesses. [00:34:10] So it's like, forget about it. There's more than a million of these jobs open right now. And just in this cybersecurity. Well, September mark, the end of the real lockdown induced unemployment benefits workers. Didn't just flood the labor market as we kind of expected. And we have now few, we have more people now. [00:34:38] Who are out of the workforce. Who've decided not to look for a job than we did in 2008. So that's telling you something 2008 during the great recession. Interesting things are about to happen, but there's a great little article that I found in. Times this week, and it's talking about this quality local products company out of Chicago, the prince logos on merchandise, like t-shirts water bottles, you know, the little stress balls, all of that sort of stuff. [00:35:10] And he said prior to the pandemic, we had over 120 employees. That's the co-founder talk in there. And he said, Primary focus was on growth. We simply plugged any holes or any efficiencies that we could along the way with human capital, bringing people in. But once the lockdown happened, of course, all of a sudden now you don't have the access to employees you had before. [00:35:36] So they had a huge decrease also in business. So those two went hand in hand. They let a lot of people go and they use the opportunity to program many of the previous manual and human controlled activities into computers. So now 18 months later, yeah, two weeks to flatten the curve. Right? 18 months later, the company employees, 83 workers. [00:36:03] And as managing a workload, that's pretty much the same as pre lockdown. So they went from over 120 employees down to 83. So basically they cut 40 employees from the workforce. That's a whole lot of quarter of the workforce gone. They don't need them anymore. So that's going to help produce more profits for them. [00:36:27] A lot more profits. Cause usually automating. Yeah, it can be painful, but it usually has major paybacks and that's exactly what it had for them. And they're saying that they anticipate that they can reduce employees even more by the end of this year and get their head count below. 50 now 50 is a magic number. [00:36:48] So it was a hundred when it comes to employees. Well, one is like the biggest magic number because when, once you have one employee, you all of a sudden have to comply with all kinds of rules, regulations, state, local, federal. But if you hit 50 employees, you have the next step of major new regulations that are gonna affect your business. [00:37:09] And then when you hit a hundred employees, Even more, so many people try and keep their businesses below 50 employees because it's just not worth it to have all of those regulations, additional regulation, taxes, and everything else. Another company, this is a California based property management. The managing more than 90,000 commercial and residential properties. [00:37:33] And what they've done is they added a chat feature to the website, the company's called sea breeze. And he says, even though we have the live chat, you can still reach us outside of business hours. Well, You are using the chat or you can call us either way, but they're saying people like the simple form and someone gets back to them as soon as they can. [00:37:57] So they're avoiding now having staff available 24 7 to respond to chat messages and to respond to the voicemails and phone calls that come in. So it's pretty good all the way around, frankly, new shopping models are in place. I'm looking at a picture of a business and it has. Of course, a window up front and in the window they have jewelry. [00:38:21] This is a jewelry store and they've got QR codes in front of each of these pieces of jewelry right on the inside of the window. So if you're interested in finding out more about that piece of jewelry, Just scan the QR code. It'll take you to the right page on their website and we'll even let you buy the jewelry and they will mail it to you again. [00:38:46] How's that for? Great. If you have a business in a tourist jury area and you don't want to be open until 11:00 PM at night, your story can keep selling for you. Even when you're close. This is window shopping, taken to an extreme, very simple. To do as well. This company is called full me waiter. Obviously they've got a bit of a sea theme here. [00:39:10] So once someone orders the jewelry and the other merchandise sent right to them, or they can have it set for pickup in the store, when they next open it's phenomenal. They're calling. Alfresco shopping space, right from the sidewalk. So businesses again are returning to pre pandemic levels and he, this guy is available in the store by appointment only he's loving it. [00:39:37] And he says that customers have been so satisfied with this QR code window shopping contract. That he wrote a guidebook. You can get it@scantshopsolution.com or excuse me, scan, just shop solution.com. I misread that. So any retailers who want to use this method, if you don't know what QR codes are, or you don't know how to code it into a website, et cetera, she's got webinars she's taught on it and she's got the guide book. [00:40:05] I think this is great. Right? So she's now making some money on. Explain to other people, how she did this. It's phenomenal across industries. Epic times is saying the staffing shortages could be temporary, but as firms are further embracing, embracing automation and all of its benefits, some of these jobs that people just don't want anymore may actually be going away. [00:40:33] And I think this is ultimately a problem. We had, uh, you know, again, I'm older generation, right? Us baby boomers. We had opportunities when we were younger. I had newspaper routes. I had the biggest drought in the area. I can't remember. It was like 120 homes. It was huge. It took me hours to do, but I made money. [00:40:56] I learned how to interact with people. I knew, I learned how to do bill collection, how important it was not to let customers get too far behind on their bills. Although I have been slack on that one, I'm afraid, but it helped me out a lot. So, what are kids going to do that need to learn a work ethic that need to be able to have a job, make the mistakes, maybe get fired a once or twice or, or three times maybe learn how to interact with customers. [00:41:27] Everyone, I think can benefit from some retail experience. Get that when you're young and if these jobs don't exist, then. Or the younger generations here, are they just going to be trying to find jobs they can do with Instagram? Right? They're all I know. A few kids who have said, well, I'm a social media influencer and you look them up and okay. [00:41:50] So they got a thousand people following them. I have far more than that, but you know, it, that's not a job. It's not going to last. Your looks are only going to last so long. Right now you start having a family and you start working hard outdoors, et cetera. There's a lot of things that make that all go away. [00:42:09] So I think many businesses now we're going to continue to accelerate our plans program out and. A lot of weld pain positions, as well as these entry-level positions in the next five or 10 years. Really? I don't even know if it's going to be 10 years retool retrain our workforce, or everyone's going to be in for a world of hurt. [00:42:33] Hey, make sure you subscribe. So you're not in a world of hurt. Get my latest in news, especially tech news and cybersecurity. Craig peterson.com. [00:42:46] In this day and age, if you don't have a burner identity, you are really risking things from having your identities stolen through these business, email compromises. It's really crazy. That's what we're going to talk about. [00:43:03] An important part of keeping ourselves safe in this day and age really is con to confuse the hackers. The hackers are out there. They're trying to do some things. For instance, like business, email compromise. It is one of the biggest crimes out there today. You know, you hear about ransomware and. It hits the news legitimately. [00:43:26] It's very scary. It can really destroy your business and it can hurt you badly. If you're an individual you don't want ransomware. Well, how about those emails that come in? I just got an email in fact, from a listener this week and they got a phone call. His wife answered and it was Amazon on the phone and Amazon said, Hey, listen, your account's been hacked. [00:43:54] We need to clear it up so that your identity doesn't get stolen. And there's a fee for this. It's a $500 fee. And what you have to do is just go to amazon.com. Buy a gift card and we'll then take that gift card number from you. And we'll use that as the fee to help recover your stolen information. So she went ahead and did it. [00:44:20] She went ahead and did all of the things that the hackers wanted and now they had a gift card. Thank you very much. We'll follow up on this and. Now she told her husband, and of course this isn't a sex specific thing, right. It could have happened to either one. My dad fell for one of these scams as well. [00:44:44] So she told her husband or her husband looked at what had happened and said, oh my gosh, I don't think this is right. Let me tell you, first of all, Amazon, your bank, various credit card companies are not going to call you on the phone. They'll send you a message right. From their app, which is usually how I get notified about something. [00:45:10] Or they will send an email to the registered to email that. Uh, that you set up on that account. So that email address then is used by them to contact you right. Pretty simple. Or they might send you a text message. If you've registered a phone for notifications, that's how they contact you. It's like the IRS. [00:45:35] I was at a trade show and I was on the floor. We were exhausted. And I got no less than six phone calls from a lady claiming to be from the IRS and I needed to pay right away. And if I didn't pay right away, they were going to seize everything. And so all I had to do. Buy a gift card, a visa gift card, give her the number and she would use that to pay the taxes it and this lady had a, an American accent to one that you would recognize. [00:46:10] I'm sure. And it's not something that they do now. They do send emails, as I said. So the part of the problem with sending emails is, is it really them? Are they sending a legitimate email to a legitimate email address? Always a good question. Well, here's the answer. Yeah, they'll do that. But how do you know that it isn't a hacker sending you the email? [00:46:42] It can get pretty complicated. Looking into the email headers, trying to track. Where did this come from? Which email servers did it go through? Was it authenticated? Did we accept? Did the, uh, the provider use proper records in their DNS, the SPIF, et cetera, to make sure that it's legitimate. Right? How do you follow up on that? [00:47:07] That's what we do for our clients. And it gets pretty complicated looking at DKMS and everything else to verify that it was legitimate, making sure that the email came from a registered MX server from the, the real center. There is a way around this. And this has to do with the identities, having these fake burner identities. [00:47:33] I've been doing this for decades myself, but now it's easy enough for anybody to be able to do. There are some services out there. And one of the more recommended ones. And this is even the New York times, they have an article about this. They prefer something called simple log-in. You can find them online. [00:47:57] You can go to simple login dot I O. To get started now it's pretty darn cool. Cause they're using, what's called open source software it's software. Anybody can examine to figure out is this legitimate or not? And of course it is legitimate, but, uh, they it's, it's all out there for the whole world to see. [00:48:17] And that means it's less likely in some ways to be hacked. There are people who argue that having open source software means even more. In some ways you are, but most ways you're not, anyways, it doesn't matter. Simple login.io. Now, why would you consider doing this? Uh, something like simple login? Well, simple login is nice because it allows you to create dozens and dozens of different email address. [00:48:51] And the idea is with simple log-in it will forward the email to you at your real email address. So let's say you're doing some online shopping. You can go ahead and set up an email address for, you know, whatever it is, shopping company.com, uh, that you're going to use a shopping company.com. So you'd go there. [00:49:13] You put in two simple log-in, uh, I want to create a new identity and you tag what it's for, and then you then go to some, um, you know, shopping company.com and use the email address that was generated for you by simple login. Now you're a simple login again. Is it going to be tied into your real email account, wherever that might be if using proton mail, which is a very secure email system, or if using outlook or heaven forbid Gmail or one of these others, the email will be forwarded to you. [00:49:52] You will be able to see that indeed that email was sent to your. Shopping company.com email address or your bank of America, email address, et cetera, et cetera, that makes it much easier for you to be able to tell, was this a legitimate email? In other words, if your bank's really trying to get ahold of you, and they're going to send you an email, they're going to send you an email to an address that you use exclusive. [00:50:22] For bank of America. In reality, you only have the one email box that is over there on wherever proton, mail, outlook, Gmail, your business. You only have that one box you have to look at, but the email is sent to simple login. Does that make sense? You guys, so you can create a, these alias email boxes. It will go ahead and forward. [00:50:49] Any emails sent to them, to you, and you'll be able to tell if this was indeed from the company, because that's the only place that you use that email address. That makes it simple, but you don't have to maintain dozens or hundreds of email accounts. You only have the one email account. And by the way, you can respond to the email using that special aliased email address that you created for the shopping company or bank of America or TD or whomever. [00:51:22] It might be, you can send from that address as well. So check it out online, simple log-in dot IO. I really liked this idea. It has been used by a lot of people over, out there. Now here's one other thing that it does for you, and this is important as well. Not using the same email address. Everywhere means that when the hackers get your email address from shopping company.com or wherever, right. [00:51:56] pets.com, you name it. They can not take that and put it together with other information and use that for business, email compromise. Does that make sense? It's it makes it pretty simple, pretty straightforward. Don't get caught in the whole business email compromise thing. It can really, really hurt you. [00:52:19] And it has, it's one of the worst things out there right now, dollar for dollar it's right up there. It, by the way is one of the ways they get ransomware into your systems. So be very careful about that. Always use a different email address for every. Website you sign up for. Oh, and they do have paid plans like a $30 a year plan over at simple IO will get you unlimited aliases, unlimited mailboxes, even your own domain name. [00:52:50] So it makes it pretty simple, pretty handy. There's other things you might want to do for instance, use virtual credit cards. And we'll talk about those a little bit. As well, because I, I think this is very important. Hey, I want to remind everybody that I have started putting together some trainings. [00:53:12] You're going to get a little training at least once a week, and we're going to put all of that into. We have been calling our newsletter. I think we might change the name of it a little bit, but you'll be getting those every week. And the only way to get those is to be on that email list. Go to Craig peterson.com/subscribe. [00:53:35] Please do that right. I am not going to harass you. I'm not going to be one of those. And I've never been one of those internet. Marketers is sending you multiple dozens of emails a day, but I do want to keep you up to date. So stick around, we will be back here in just a couple of minutes. And of course you're listening to Craig Peterson. [00:53:59] And again, the website, Craig peterson.com stick around because we'll be right back. [00:54:05] One of the best ways to preserve your security on line is by using what we're calling burner identities, something that I've been doing for more than 30 years. We're going to talk more about how to do that right. [00:54:20] We've talked about email and how important that is. I want to talk now about fake identities. Now, a lot of people get worried about it. It sounds like it's something that might be kind of sketchy, but it is not to use fake identities in order to confuse the hackers in order to make it. So they really can't do the things that they. [00:54:46] To do they can't send you fishing ear emails, particularly spear phishing emails. That'll catch you off guard because you're using a fake. How do you do that? Well, I mentioned to you before that I have a thousands of fake identities that I created using census data. And I'm going to tell you how you can do it as well. [00:55:13] Right? There's a website out there called fake name a generator. You'll find it online@fakenamegenerator.com. I'm on that page right now. And I'm looking at a randomly generated identity. It has the option right on this page to specify the sex. And it says random by default, the name set, I chose American the country United States. [00:55:44] So it is applying both American and Hispanic names to this creative. And now remember it's doing the creation based on census data and some other public data, but it is not giving you one identity of any real. I think that's important to remember, and you're not going to use these identities for illegal purposes. [00:56:11] And that includes, obviously when you set up a bank account, you have to use your real name. However, you don't have to use your. If you will real email address, you can use things like simple login that will forward the email to you, but we'll let you know who was sent to. And if you only use that one email address for the bank, then you know that it came from the bank or the email address was stolen from the bank. [00:56:40] Right. All of that stuff. We've talked about that already. So in this case, The name has come up with for me is Maurice D St. George in Jacksonville, Florida even gives an address, uh, in this case it's 36 54 Willis avenue in Jacksonville, Florida. So if I go right now, Uh, two, I'm going to do use Google maps and I am going to put in that address. [00:57:11] Here we go. Jacksonville willows avenue, all the guests. What there is a Willis avenue in Jacksonville, and it's showing hoes from Google street view. Let me pull that up even bigger. And there it is. So ta-da, it looks like it gave me. Fairly real address. Now the address it gave me was 36 54, which does not exist. [00:57:40] There is a 365, but anyways, so it is a fake street address. So that's good to know some, if I were to use this, then I'm going to get my. Uh, my mail saying why about I pass? So, uh, Maurissa tells you what Maurice means, which is kind of neat. It'll give you a mother's maiden name. Gremillion is what a gave me here, a social security number. [00:58:06] So it creates one that passes what's called a check sum test. So that if you put it into a computer system, it's going to do a real quick check and say, yeah, it looks. To me. So it's was not just the right number of digits. It also passes the check, some tasks. Well-known how to do a check sum on their social security numbers. [00:58:27] So again, it's no big deal. And remember, you're not going to use this to defraud anyone. You're going to use this for websites that don't really need to know, kind of give me a break. Why do you need all this information? It gives me a phone number with the right area code. Uh, and so I'm going to go ahead and look up this phone number right now. [00:58:50] Remember, use duck, duck go. Some people will use Google search and it says the phone number gave me is a robo call. As I slide down, there's some complaints on that. Uh, so there you go. So they giving us a phone number that is not a real person's phone number, country code, of course one, cause I said United state birth date. [00:59:13] Oh, I was born October 7th, year, 2000. I'm 20 years old. And that means I'm a Libra. Hey, look at all this stuff. So it's giving me an email address, which is a real email address that you can click to activate or right there. Again, I mentioned the simple login.io earlier, but you can do a right here and it's got a username and created for me a password, which is actually a pretty deep. [00:59:41] The password. It's a random one, a website for me, my browser user agent, a MasterCard, a fake MasterCard number with an expiration and a CVC to code all of this stuff. My height is five six on kind of short for. Uh, my weight is 186 pounds own negative blood type ups tracking number Western union number MoneyGram number. [01:00:11] My favorite color is blue and I drive a 2004 Kia Sorento and it also has a unique ID. And, uh, you can use that wherever you want. So the reason I brought this up again, it's called fake name generator.com is when you are going to a website where there is no legal responsibility for you to tell them the true. [01:00:39] You can use this. And so I've, I've used it all over the place. For instance, get hub where you have, uh, it's a site that allows you to have software projects as you're developing software. So you can put stuff in, get hub. Well, they don't know to know, need to know who I really am. Now they have a credit card number for me. [01:01:01] Because I'm on a paid plan. I pay every month, but guess what? It isn't my real credit card number. It isn't the number that I got from fake name generator. My credit card company allows me to generate either a single use credit card numbers, or in this case, a credit card. Number four, get hub doc. So just as an example, that's how I use it. [01:01:24] So if get hub gets hacked, the hackers have an email address and a name that tipped me off right away, where this is coming from. And if the email didn't come from GitHub by no, they either sold my information to a marketing company, or this is a hacker. Trying to manipulate me through some form of his fishing scheme. [01:01:47] So I know you guys are the breasts and best and brightest. A lot of you understand what I'm talking about and I'm talking about how you can create a burner identity. And let me tell you, it is more important today to create a burner identity. Then it has ever been at any point in the past because frankly burner identities are one of the ways that you can really mess up some of the marketing firms out there that are trying to put the information together, these data aggregator companies, and also the hackers. [01:02:24] And it's really the hackers that were off up against here. And we're trying to prevent them from. Getting all of this information. So when we come back, I want to talk about the next step, which is which credit cards can you get? These single use card numbers from? Should you consider using PayPal when my Google voice be a really good alternative for you? [01:02:52] So we're going to get into all of that stuff. Stick around in the meantime, make sure you go to Craig peterson.com/subscribe. Get my newsletter. All of this. Is in there. It makes it simple. It's a simple thing to do. Craig peterson.com. And if you have any questions, just email me M e@craigpeterson.com. [01:03:20] Having your credit card stolen can be a real problem for any one of us. It gives the bad guys, a lot of options to spend a lot of money very quickly. We're going to talk right now about virtual credit cards. What are they, what does it mean? [01:03:37] Virtual credit cards come in two basic forms. [01:03:41] One is a single use credit card, which was quite popular back when these things first came out and another one is a virtual credit card that has either a specific life. In other words, it's only good for 30 days or that can be used until you cancel it. If you have a credit card, a visa, MasterCard, American express discover all of the major card issuers will give you the ability to reverse any charges that might come onto your cards. [01:04:19] If your card is stolen or missing. Now that makes it quite easy. Doesn't it? I want to point out that if you're using a debit card, as opposed to a credit card, there's not much challenging you can do with the credit card. You can say, I am not going to make my pain. And, uh, because of this, that, and the other thing, this was stolen, et cetera, they can file it as a disputed charge. [01:04:46] They can do an investigation find out. Yeah. I'm you probably were not at a bus terminal down in Mexico city, which happened to me. 'cause I was up here in New Hampshire, quite a ways down to Mexico city. And so they just reversed it out. That money never came out of my bank account because it was on a credit card. [01:05:08] If I were using a debit card. That money would have come right out of my account. Now, mind you, a bus ticket in Mexico city is not very expensive, but many people have had charges of many thousands of dollars. And if you need that money in your checking account, and you're using a debit card, you got a problem because your check for, well, if you ever have to pay rent again, red check is going. [01:05:38] Bound because they just empty it out to your bank account. So now you have to fight with the bank, get the money back. They will, they will eventually refund it, but it could make some of you. Transactions that you might've written a check or something, it'll make them bounce. And that could be a real problem. [01:05:57] These, it could make them bounce. So using a credit card is typically less of a hassle online. So why would you want to use a virtual card or also known as a master credit card? Masked and may S K E D? Well, the main reason behind this is to allow you. Control payment. I've used them. In fact, I use them exclusively on every website online. [01:06:29] And I'm going to tell you the names of some of them here in just a couple of minutes, but I use them all of the time. And part of the reason is let's say, I want to camp. Uh, service. Have you ever tried to cancel a service before and you have to call them many times, right. And so you're, you're arguing with somebody overseas somewhere who doesn't want you to close the account. [01:06:53] And of course the. Bump you up to the next level person who also doesn't want you to close the account. And so you have to fuss fuss, fuss, fuss. Have you ever had that experience and I'm sure you have. It just happens all the time. So with using the virtual credit card, Well, the advantage to me is, Hey, if you are going to try and fight with me, I don't care because I'm just going to cancel that credit card number. [01:07:24] So I don't have to cancel my credit card. I don't have to have the company reissue credit card for me. I don't have to do any of this sort of thing that makes my life pretty easy. Doesn't it? And so, because of that, I am now I think in a much better. Place, because it just, I don't have to fight with people anymore. [01:07:43] So that's one of the reasons I used it. The other big reason is if it gets stolen, they can cause less harm. Some of these credit card it's virtual credit cards are set up in such a way that you can limit the amount that's charged on them. Do you like that? So if you are using it on a site that maybe is charging you $50 a month, no problem. [01:08:09] $50 a month comes off of the credit card. And if someone tries to charge more bounces and then hopefully you find out, wait a minute, it just bounced on me right now. Then next step up is okay. It bounced and. Uh, I am just going to cancel the card and then you issue a new credit card number for that website. [01:08:32] So an example. In my case has get hub.com. We keep software up there and they charge me every month if get hub were to get hacked and that credit card number stolen I'm I really don't care because there's almost nothing that can happen. And if good hub doesn't properly cancel. My account, I can just cancel the credit card and, you know, let them come after me. [01:08:57] Right. This isn't going to happen. So then it's also called a master credit card number because it's a little safer than using your real credit card details. I also want to point out something about debit card. I went for years with no credit cards at all. Nowadays, many of my vendors will take a credit card for payment. [01:09:20] And in fact, give me a bit of a better deal. And then with the credit card, I can get 2% cash back, which I use to pay down the credit card. Right. It couldn't get any better than that, but when you're using a debit card, what I always. Is I had two accounts that I could transfer money between at the bank. [01:09:42] So I had one checking account. That was my main operating, if you will account. And then I had another checking account where I would be. Just moving money out of it. Or you could even do it with a savings account, but some banks, they only let you do so many transactions a month on a savings account. So the idea is I know that I have this much in credit card obligate while debit card obligations for this month, that money is going to be coming out. [01:10:11] So I make sure that. In the debit card account to cover the legitimate transactions I know are coming up and then I keep everything else in the other account. And then I manually transferred over every month. So that's how I dealt with the whole debit card thing. And it worked really well for me. Bottom line. [01:10:30] I think it's a really great. So there you go, who are the companies that you can use to do this? I've used some of these before all of them have worked really well. If you have a capital one credit card, they have something called Eno, E N O, and it's available to all capital one card. You know, even has an extension for your web browsers. [01:10:59] So if it notices you're on a webpage, it's asking for credit card number, it'll pop up and say, do you want me to create a credit card number or a virtual one for this websites you can make your payment. Does it get much easier than that? Citibank has something they call a virtual credit cards available to all Citibank card holders, master pass by MasterCard. [01:11:23] That's available to any MasterCard visa, American express discover Diner's club card holders, credit, debit, and prepaid cards by their way. So you might want to check that one out. Uh, yeah, so that's the only one I see on my list here. That will do it for debit cards, Masterpass by MasterCard American express checkouts, available to all American express card holders. [01:11:51] Chase pay available to all chase card holders, Wells Fargo, wallet, uh, visa checkouts, available to all visa, MasterCard, and American express and discover color card holders, credit and debit cards. Plus. Prepaid cards. Okay. So it does do the debit cards as well. Final that's all owned by Goldman Sachs and is not accepting any new applicants and entro pay. [01:12:19] Also not accepting new applicants. There's a couple online. You might also want to check out our Pyne. Premium Al buying. I'm buying a, B I N E blur premium. You might want to check that out as well. All right, everybody make sure you check me out. Craig peterson.com/subscribe. [01:12:43] We're going to wrap up how you should be using these burner identities of few more tips and tricks that are going to help keep you safe from the hackers that are out there. So here we go. [01:12:58] There are a lot of hackers out there. [01:13:01] The numbers are just astounding. The cost of these hackers coming in and stealing our information is just unbelievable. And it goes all the way from big corporations, from things like the colonial pipeline, the U S government all the way on down through you and me. I want to tell you a little story about a friend of mine. [01:13:28] He is about 75 years old and he supplements his income by driving for Uber eats and one other company. And so what he'll do is someone puts in an order for food somewhere. He'll go pick it up and then he'll drive it to where whoever wanted wanted, whoever ordered it. Now, there are. Pricing number of scams with this. [01:13:55] So he's very careful about some of that orders, a cookie, for instance, because it's usually a bit of a scam anyways, we won't get into those, but I'll tell you what happened to him. His information was stolen online as it was probably yours. Mine I know was as well. So it's all stolen. What do you do? While in his case, what ended up happening is they managed to get into his email account. [01:14:27] Once they're in his email account, they now had access to the emails he was getting from one of these companies. Now it wasn't the Uber eats guy. He was, there was another company. So let's just explain this a little bit. Uber eats sends him a request for him to go ahead and do a double. So, you know, go to the restaurant, pick it up and take it to this client's house. [01:14:54] And in order for him to register, he had to register an email address. Now, of course, he uses the same email address for everything, all of the. Now, personally, that drives me a little bit insane, but that's what he does. And he has just a few passwords. Now. He writes them down a little book and heaven forbid he ever lose the book so that he can remember them. [01:15:24] He just wants to keep his life simple. Right. He's 75. He's not technophobic, but you know, he's not up on all of this stuff. What he found was a paycheck didn't show. And it was an $800 paycheck. We're talking about real money that he should have had in his. It didn't show up. So he calls up the company and says what happened to my paycheck and their record show? [01:15:53] Yes, indeed. It had been paid. We paid you, we deposited right into your account. Just like you asked. Yeah. You know, ACH into the account. Great. Wonderful. What had happened is bad guys had gone, gained control of his email address and use that now. Because they figured, well, I see some emails in his account from this food delivery service, so, well, let's try and see if this email address that we're looking at right now. [01:16:26] All of his emails let's look and see. Okay. Yeah. Same. Email address and same password as a used ad at this email address. Yeah, it worked. Okay. Great. So now we have access to this guys food delivery account. So they changed. The bank account number now, easy enough to confirm, right. They change it and send you an email. [01:16:54] Hey, I want to make sure that it was you until the bad guys, the hackers click out, yada yada. Yeah, it was me and then delete the email. So he doesn't see it. And now his $800 paycheck. In fact, I think there were a couple of different checks is deposited directly into the bad guy's bank account and. The money of course is transferred out pretty quickly. [01:17:18] Now the, that guys, these hackers are using what are called mules. You might be familiar with that in the drug trade. They'll have a third party deliver the drugs just to mule. They don't know what all is going on. They probably know the delivering drugs in this case, most of the meals are useful idiots of which there are many in this country. [01:17:43] Unfortunate. Uh, political and otherwise. And these people are convinced that all they need to do is transfer the money into this account so that the hackers can then pull it out. And you know, now they're going to take care of their grandmother who is stuck in the hospital and they have no way to pay for it. [01:18:07] And they can't transfer the money out of the country during. That's one of the stories they use for people. And in many cases, these meals know what they're doing. The FBI earlier this year arrested a whole group of mules out in California that were purposefully transferring the money. They knew what they were doing. [01:18:28] So his money was now out of the country. No way to get it. And this food delivery company was not about to pay him. So it, isn't just the big guys it's you and me as well. So what I want to talk about right now is multi-factor authentication. Now. You guys are the best and brightest. I hope you understand this. [01:18:54] If you have questions, please reach out to me. I am more than
With Gareth Myles and Ted SalmonJoin us on Mewe RSS Link: https://techaddicts.libsyn.com/rss iTunes | Google Podcasts | Stitcher | Tunein | Spotify Amazon | Pocket Casts | Castbox | PodHubUK Feedback and Contributions: Chris Clayton on GTA Trilogy “Pricing already confirmed at $60. So maybe £50? I'll easily get 50 hours out of these three games so I'm ok with that. PS5 and Xbox are 4k60fps. No word on switch yet. I hope they can hit 1080 60fps. If it's capped at 30 I may have to rethink” --------------------- Someone's Got an Evercade VS and Reviewed it! You don't know the right people! Interesting that the carts save progress on the VS so you can switch to handheld on-the-fly. The Nintendo stuff looks interesting for me - Bitmap Brothers and Codemasters. Did you know about Amazon Trade-and-Save? £52 for a Switch Lite, £80 for a Samsung Galaxy S9+, £142 for Pixel 5 - you can do better elsewhere, but didn't know they did this. Hardline on the hardware: Facebook could no longer be called Facebook as of next week Apple announces 14-inch and 16-inch MacBook Pro: new design, display notch, 120Hz, M1 Pro chip, HDMI, MagSafe, more Raspberry Pi CM4 Retropie console project Analogue OS revealed, offers save states and other features for the Analogue Pocket Juno Linux laptop range with AMD and Intel options launches from $1,150 Ted's Nokia XR20 Review Lenovo TAB6 5G Tablet Unveiled ZTE ZPad 10-Inch Tablet Traffic Lights in the Pavement in South Korea HDMI: A standard with a lot of untapped potential Canon shows first footage from its unusual RF 5.2mm F2.8 L Dual Fisheye lens First Samsung Galaxy Tab S8 renders leak Neighbour wins privacy row over smart doorbell and cameras Flap your trap about an App: Android apps are now available on Windows 11 in the Beta channel How to Run Windows 11 on a USB Drive (and Take it With You) Sysinternals Nerdy Geek Tool for Windows Nvidia will rent you a RTX 3080 in the cloud for GeForce Now Pixel 6 series only getting three major Android updates up to 2024 Google Docs gets @ menu where you can insert formatting, pictures... almost anything Hark Back: Shareware, Adware, Crippleware, Trialware, Donationware, Nagware, Freemium, Freeware, Postcardware, Beerware Bargain Basement: Best UK deals and tech on sale we have spotted Sades Spirits are £17 (down from £30) OPPO Find X2 Pro 5G £799 - £200 off and £66/month/12 Oppo Find X3 Pro £91/month/12 too) Panasonic 2021 58 inch JX850BZ 4K LED HDR Smart TV - Was: £899.99 Now: £589.00 SanDisk Ultra 1 TB microSDXC Memory Card (U1) £159 or £32/month/5 SanDisk Extreme Pro 1 TB microSDXC Memory Card (U3) £230 or £46/month/5 Kingston A400 SSD Internal Solid State Drive - Was: £78.99 Now: £69.98 Soundcore 3 by Anker Soundcore £55 - 24% = £41 Anker Soundcore Liberty 2 Pro True Wireless Earbuds - Was £109.00 Now: £49.99 Microsoft Surface Duo 128GB £583 Logitech MX Keys £85 from £99 Main Show URL: http://www.techaddicts.uk | PodHubUK Contact:: gareth@techaddicts.uk | @techaddictsuk Gareth - @garethmyles | garethmyles.com Ted - tedsalmon.com | Ted's PayPal | Ted's Amazon | tedsalmon@post.com YouTube: Tech Addicts The PodHubUK PodcastsPodHubUK - Twitter - MeWe PSC Group - PSC Photos - PSC Classifieds - WhateverWorks - Camera Creations - TechAddictsUK - The TechBox - AAM - AAWP - Chewing Gum for the Ears - Projector Room - Coffee Time - Ted's Salmagundi - Steve's Rants'n'Raves - Ted's Amazon - Steve's Amazon - Buy Ted a Coffee
Heute mit: iPhone-Scanning, Mozilla, Wasserstoff-LKW, Mondlandung ***SPONSOR-HINWEIS*** Für alle Mac User könnte das nächste Tool sehr hilfreich sein. CleanMyMac X von MacPaw, die ideale Entrümpelungs-App für den Mac. CleanMyMac enthält neunundvierzig Werkzeuge, um unsichtbaren Computer-Müll zu finden und zu löschen. Zusätzlich hilft es den Mac zu tunen, damit er mit maximaler Geschwindigkeit läuft. Sie können tonnenweise Speicherplatz freigeben, so dass Ihr Mac nie in Speicherprobleme gerät. Außerdem bekämpft CleanMyMac Mac-spezifische Malware und Adware und schützt Ihren Computer. ***SPONSOR-HINWEIS ENDE***
Heute mit: Halbleiterkrise, Twitter, DDR4-RAM, EU-Roaming ***SPONSOR-HINWEIS*** Für alle Mac User könnte das nächste Tool sehr hilfreich sein. CleanMyMac X von MacPaw, die ideale Entrümpelungs-App für den Mac. CleanMyMac enthält neunundvierzig Werkzeuge, um unsichtbaren Computer-Müll zu finden und zu löschen. Zusätzlich hilft es den Mac zu tunen, damit er mit maximaler Geschwindigkeit läuft. Sie können tonnenweise Speicherplatz freigeben, so dass Ihr Mac nie in Speicherprobleme gerät. Außerdem bekämpft CleanMyMac Mac-spezifische Malware und Adware und schützt Ihren Computer. ***SPONSOR-HINWEIS ENDE***
Heute mit: Klimawandel, Infineon, Cybercrime, Enterprise ***SPONSOR-HINWEIS*** Für alle Mac User könnte das nächste Tool sehr hilfreich sein. CleanMyMac X von MacPaw, die ideale Entrümpelungs-App für den Mac. CleanMyMac enthält neunundvierzig Werkzeuge, um unsichtbaren Computer-Müll zu finden und zu löschen. Zusätzlich hilft es den Mac zu tunen, damit er mit maximaler Geschwindigkeit läuft. Sie können tonnenweise Speicherplatz freigeben, so dass Ihr Mac nie in Speicherprobleme gerät. Außerdem bekämpft CleanMyMac Mac-spezifische Malware und Adware und schützt Ihren Computer. ***SPONSOR-HINWEIS ENDE***
Security researchers say APKPure, a widely popular app for installing older or discontinued Android apps from outside of Google's app store, contained malicious adware that flooded the victim's device with unwanted ads.
¿Virus? 🦠 ¡No todo iba a ser COVID ni un ataque informático siempre es un virus! En el episodio 6 te cuento algunos de los diferentes tipos de malware ☠️ (término correcto) que puede sufrir un sistema informático de cualquier tipo 💻📱. ¿Que es un Adware? ¿Que le ha ocurrido al SEPE? 🤔¿y a Telefónica en su momento? ¿Puedo protegerme contra estos ataques? 🔐 Todas estas dudas y alguna curiosidad más te serán resueltas en el episodio de hoy. ¡Prepara tus palomitas 🍿o tu almohada 😴 y disfruta conmigo! Encontrarás las notas del podcast aquí ⤵️ https://fugamemoriapod.blogspot.com/2021/03/s01e6.html
Tracking OceanLotus. US advisory warns of cyberthreats active against schools trying to deliver distance learning. Adrozek joins credential harvesting and adware. MountLocker’s criminal affiliate program. The FCC takes action against Chinese companies deemed security risks. Predictions, and holiday advice. Johannes Ullrich from the SANS technology institute wonders what’s in your clipboard? Our guest is Nina Jankowicz from Wilson Center on her new book - How to Lose the Information War - Russia, Fake News, and the Future of Conflict. And internship opportunities at CISA. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/9/238
Welcome! This week I am spending a bit of time discussing Bitcoin and other crypto-currency and their tie to Ransomware and a couple of things the Feds are doing from the IRS to DOJ. Then we go into the Gig Economy and thru the ramifications of CA Prop 22 and More so listen in. For more tech tips, news, and updates, visit - CraigPeterson.com. --- Tech Articles Craig Thinks You Should Read: The feds just seized Silk Road’s $1 billion Stash of bitcoin Uber and Lyft in driving seat to remake US labor laws The One Critical Element to Hardening Your Employees' Mobile Security Ransom Payment No Guarantee Against Doxxing Connected cars must be open to third parties, say Massachusetts voters Tracking Down the Web Trackers Apple develops an alternative to Google search San Diego’s spying streetlights stuck switched “on,” despite a directive Paying ransomware demands could land you in hot water with the feds Windows 10 machines running on ARM will be able to emulate x64 apps soon 'It Won't Happen to Me': Employee Apathy Prevails Despite Greater Cybersecurity Awareness Rise in Remote MacOS Workers Driving Cybersecurity 'Rethink' A Guide to the NIST Cybersecurity Framework --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] The silk road is back in the news as a billion dollars was just taken from their account. We're going to talk about mobile security, ransom payments, and doxing. And of course, a whole lot more as you listen right now. Hi, everybody, of course, Craig Peterson here. Thanks for spending a little time with me today. We have a bunch to get to. I think one of the most interesting articles, what kind of start with this week because this is a very big deal. We're talking about something called cryptocurrency, and I'm going to go into that a little bit. So for those of you who already know, just maybe there's something you'll learn from this little part of the discussion and then we'll get into Bitcoin more specifically. Then the secret service, what they have been doing to track down some of these illegal operators and also how this is really affecting ransomware. Those two, by the way, are just tied tightly together, Bitcoin and ransomware. So I'll explain why that is as well. Cryptocurrency has been around for quite a while now. There's a concept behind cryptocurrency and it's the most important concept of all, frankly, when it comes to cryptocurrency and that is you have to use advanced to mathematics in order to prove that you have found a Bitcoin. Time was you'd go out and go gold mining. Heck people are still doing it today. all over New England. It isn't just the Yukon or Alaska or Australia, et cetera. They're doing it right here. And they have proof that they found something that's very hard to find because they have a little piece of gold or maybe a nugget or maybe something that's like a huge nugget man. I saw a picture of one out of Australia that was absolutely incredible. Takes a few people to carry this thing. That is proof, isn't it? You can take that to the bank, ultimately. You sell it to a gold dealer who gives you cash. That you can then take to a bank. Then the bank account information is used to prove that you can buy something. You give someone a credit card, it runs a little check. Hey, are we going to let this guy buy it? Or a debit card? Hey, does he have enough money in the bank? So along with that pathway, you have something that is real. That's hard and that's the gold that was mined out of the ground. Then it very quickly becomes something that's frankly, unreal. Time was our currency was backed by gold and then it was backed by silver. Now it's backed by the full faith and credit of the United States government. not quite the same thing, is it? So we're dealing with money that isn't all that real, the United States agreed to not manipulate its currency. We became what's called the petrodollar. All petroleum products, particularly crude oil are sold on international exchanges using the US dollar. China is trying to change that. Russia's tried to change that. They're actually both going to change it by using a cryptocurrency. At least that's their plan. The idea behind cryptocurrency is that your money, isn't real either, right? You sure you've got a piece of paper, but it's not backed by anything other than the acceptance of it by somebody else. If you walk into Starbucks and you drop down a quarter for your coffee. Yeah, I know it's not a quarter used to be a dime. I remember it was a dime for a cup of coffee, not at Starbucks, but you dropped down your money. Okay. Your $10 bill for a cup of coffee at Starbucks, they'll take it because they know they can take that $10 and they can use it to pay an employee and that employee will accept it and then they can use that to buy whatever it is that they need. It's how it works. With Bitcoin, they're saying what's the difference? You have a Bitcoin. It's not real. Ultimately represents something that is real, but how is there a difference between accepting a Bitcoin and accepting a $5 bill? What is the difference between those two or that $10 bill that you put down at Starbucks? In both cases, we're talking about something that represents the ability to trade. That's really what it boils down to. Our currencies represent the ability to trade. Remember way back when, before I was born that a standard wage was considered a dollar a day. So people would be making money at a rate of a dollar a day. I remember that song, old country song. I sold my soul to the company's store and they made enough money just basically yet buy in to pay the company for the room and board and everything else they had. Interesting times, not fun, that's for sure for many people caught up in it. When you dig down behind Bitcoin, once you ultimately find at the root, was a computer that spent a lot of time and money to solve this massive mathematical equation. That's the basics of how that works. That's what Bitcoin mining is. Right now, it costs more to mine a Bitcoin. In most areas, then it costs for the electricity to run it and the hardware to buy it. There are computers that are purpose made. Just to create these Bitcoins, just to find them just to mine them. If you're sitting at home thinking, wow, I should get into a cryptocurrency and I'll just go ahead and mine it on my computer, that's really fun. It's a fun thing to think about. But in reality, you are not going to be able to justify it. You'd be better off to go and buy some gold or another precious metal. So that's how cryptocurrency has, how Bitcoin, that's how all of these really begin is just with the computer, trying to solve an incredibly complex math problem that can take weeks or months for it to solve. For those of you that want to dig a little bit more, basically, it's using prime numbers. You might remember messing with those in school. I remember, I wrote a program to determine prime numbers a long time ago. 45 plus years ago, I guess it was, and it was fun because I learned a lot about prime numbers back then. But we're dealing with multi-thousand digit numbers in some of these cases, just huge numbers, far too hard for you or I to deal with and that's why I take so incredibly long. Now we know how the value was started and that was with somebody running a computer finding that Bitcoin and putting it on the market. Now, normally when you're looking at market and market volatility, markets are supply and demand based except for government interference. We certainly have a lot of that in the United States. We do not have a completely free market system, not even close. The free market says I had to dig this hole and in order to dig that hole, I had to have a big backhoe. Before that, I had to have a bucket or maybe some other heavy equipment to move all of the earth out of the way, the bulldozers, et cetera. Then I had to run that through some sort of a wash plant and all of these things cost me money. So basically it costs me whatever it might be, a hundred bucks, in order to find this piece of gold, and then that hundred bucks now that it costs him to do it is the basis for the value of that piece of gold. Obviously, I'm not using real numbers, but just simple numbers to give you an idea of how cryptocurrency works. So it's a hundred bucks for me to get that piece of gold out of the ground. Then that piece of gold is taken and goes to some form of a distributor. So I'm going to sell that piece of gold to somebody that's going to melt it down. They're going to assay it and say, yeah, this is a hundred percent pure gold, and then they'll sell it to someone and then they'll sell it to someone and then they'll sell it to a jeweler who then takes it and makes jewelry. Every time along there they're adding stuff onto it. But the basic value of gold is based on how hard it is to get and how many people want to get their hands on it. The law of supply and demand. You've seen that over the years, it's been true forever. Really? That's how human trade works. Capitalism, in reality, is just the ability of strangers to trade with each other is just an incredible concept. What we're talking about here with the cryptocurrency is much the same thing. The value of cryptocurrency goes up and down a lot. Right now, one Bitcoin is worth about 15,000, almost $16,000 per bitcoin. We'll talk about that. What is Bitcoin? How can I even buy it? Pizza for the silly things were 16 grand, right? It's like taking a bar of gold to buy a pizza. How do you do that? How do you deal with that? So we'll get into that, and then we'll get into how the tie between cryptocurrencies, particularly Bitcoin, and the criminal underground. That tie is extremely tight and what that means to you. It is tied directly into the value of Bitcoin. Right now the basis is it costs me 16 grand to mine, a Bitcoin. Therefore that's where I'm going to sell it for, of course, there are profit and everything else that you put into that $16,000 number. We've got a lot more to get to today. We're going to talk about this billion dollars, which is, that's a real piece of money here that the feds just seized. Right now talking about Bitcoin. What's the value of it? How is it tied into criminal enterprises and what's going on with the FBI seizure this week? Bitcoin's value has been going up and down. I just pulled up during the break, a chart showing me the value of Bitcoin over the last 12 months. It has been just crazy. going back years it was worth a dollar. I think the Bitcoin purchase was for a pizza, which is really interesting when you get right down to it. The guy says, Oh yeah, what the heck, take some Bitcoin for it. Okay. here we go. May 22nd, 2010 Lasso Lowe made the first real-world transaction by buying two pizzas in Jacksonville, Florida for 10,000 Bitcoin. 10,000 Bitcoin. So let me do a little bit of math here. Let me pull it up here. Today's price is about $15,750,000. So he bought it. Two pizzas for the value today, Bitcoin of $157 million. That's actually pretty simple math, $157 million. Okay, that was 10 years ago. The first Bitcoin purchase. So it has gone up pretty dramatically in price. I think the highest price for one Bitcoin was $17,900. It was almost $18,000 and then it's dropped down. It has gone up and it has gone down quite a bit over the years. It seems to have had a few really hard drop-offs when it hit about 14,000. Right now it is above that. So I'm not giving investment advice here, right? That's not what I do. We're talking about the technology that's behind some of this stuff, but one Bitcoin then. Is too much for a pizza, right? So he paid 10,000 Bitcoin for his first pizza. That's really cool, but, ah, today where it's another word, the Bitcoin was worth just a fraction of a cent each back then. Today you can't buy a pizza for one Bitcoin. So Bitcoin was designed to be chopped up so you can purchase and you can sell them at a fraction of a Bitcoin. That's how these transactions are happening. Now there's a lot of technology we won't get into that's behind all of this and how the transactions work and having a wallet, a Bitcoin wallet, and how the encryption works and how all of these logs work. The audits, basically the journals that are kept as accountants and how a majority of these have to vote and say that particular transaction was worthwhile. The fact that every Bitcoin transaction is not only stored but is stored on thousands of computers worldwide. Okay. There's a whole lot to that, but let's get into the practical side. If you are a bad guy. If you are a thief. If you're into extortion. If you're doing any of those things, how do you do it without the government noticing? In reality, it's impossible when you get right down to it. Nothing is completely anonymous and nothing ever will be most likely, completely anonymous. But they still do it anyway, because, in reality, they, the FBI or the secret service or whoever's investigating has to be interested enough in you and what you're doing in order to track you down. If they are interested enough, they will track you down. It really is that simple. Enter a convicted criminal by the name of Ross Ulbricht Ross was running something online, a website called the silk road. It was what's known as the dark web. If you've listened to the show long enough, the history of the dark web and that it was founded by the US government. In fact, the dark web is still maintained by the government. I'm pretty sure it's still the Navy that actually keeps the dark web online. The thinking was we have the dark web. It's difficult for people to track us here on the dark web and if we use something like Bitcoin, one of these cryptocurrencies for payment, then we are really going to be a lot safer. Then they added one more thing to the mix called a tumbler. And the idea with the tumbler is that if I'm buying something from you using Bitcoin, my wallet shows that I transferred the Bitcoin to you. All of these verification mechanisms that are in place around the world also know about our little transaction, everybody knows. The secrecy is based on the concept of a Swiss bank account. When with that Swiss bank account, you have a number and obviously you have a name, but it is kept rather anonymous. The same, thing's true with your wallet. You have a number, it's a big number to a hexadecimal number. It is a number that you can use and you can trade with. You've got a problem because, ultimately, someone looking at these logs who knows who you are or who I am or wants to figure out who either one of us is probably can. And once they know that they can now verify that you indeed are the person who made that purchase. So these tumblers will take that transaction instead of me transferring Bitcoin directly to you, the Bitcoin gets transferred to another wallet. Then from that wallet to another wallet and from that wallet to another wallet and from that wallet to a number of another wallet. Now is much more difficult to trace it because I did not have a transaction directly with you. Who is in the middle? That's where things start getting really difficult. But as Russ Ulbricht found out, it is not untraceable. He is behind bars with two life sentences plus 40 years. What they were doing on the silk road is buying and selling pretty much anything you can think of. You could get any hard drug that you wanted there, you could get fake IDs, anything, really, anything, even services that you might want to buy. There are thousands of dealers on the silk road. Over a hundred thousand buyers, according to the civil complaint that was filed on Thursday this week. Last week, actually, the document said that silk road generated a revenue of over 9.5 million Bitcoins and collected commissions from these sales of more than 600,000 Bitcoin. Absolutely amazing. Now you might wonder, okay. Maybe I can buy a pizza with Bitcoin or something elicit with Bitcoin, but how can I use it in the normal world while there are places that will allow you to convert Bitcoin into real dollars and vice versa? In fact, many businesses have bought Bitcoin for one reason and one reason in particular. That reason is insurance. They have bought Bitcoin in case they get ransomware. They just want it to sit in there, to use to pay ransoms. We'll talk more about that. We're turning into the Bitcoin hour, I guess today. we are talking a lot about it right now because it's one of the top questions I get asked. The IRS is saying that they may put a question on your tax return next year, about cryptocurrency specifically Bitcoin. So what's that all about? And by the way, the IRS had a hand in this conviction too. Your listening to Craig Peterson. We just mentioned, gentlemen, I don't know if he's a gentleman, by the name of Ross Ulbricht and he is behind bars for life. He was buying and selling on the. A website called the silk road. In fact, he was the guy running it, according to his conviction and two life terms, plus 40 years seems like a long time. In other words, he's not getting out. The internal revenue service had gotten involved with this as well because you are supposed to pay taxes on any money you earn. That is a very big deal when you're talking about potentially many millions of dollars. So let's figure this out. I'm going to say, some 9.5 million. So 9 million, 500,000. There we go, Bitcoin. What do we want to say? Let's say the average value of that Bitcoins over time, there was about $5,000 apiece. Okay. So let's see times 5,000, Oh wow. That's a big number. It comes back to 47 billion. There you go. $500 million dollars. Almost $50 billion. That's just really rough back of the envelope math. We have no idea. So that's a lot of money to be running through a website. Then the commission that he made on all of those sales is said to have been more than 600,000 Bitcoin. So again, 600,000 times let's say an average price of $5,000 per Bitcoin. So that's saying he probably made about $3 billion gross anyways, on these collected commissions. That is amazing. The IRS criminal investigation arm worked with the FBI to investigate what was happening here as well as, by the way, the secret service. I got a briefing on this from the secret service and these numbers are just staggering, but here's the problem. The guy was sentenced a few years ago. 2015 he was prosecuted successfully. where did all of his money go? His money was sitting there in Bitcoin, in an unencrypted wallet, because part of the idea behind your Bitcoin wallet is there are passcodes and nobody can get at that your wallet information unless they have the passcode. So they might know what your wallet number is, which they did. The secret service and the IRS knew his wallet number, but how can they get at that Bitcoin and the money it represents? They did. This is like something really from one of these, TV shows that I don't watch right there. What is it? NCU? The crime investigator unit CIU or whatever it is on TV. I can't watch those because there's so much stuff they get wrong technically, and I just start screaming at the TV. It's one of those things. What they found is that the wallet hadn't been used in five years. They found that just last week, people who've been watching his Bitcoin wallet number, found that they were about 70,000 Bitcoins transferred from the wallet. So people knew something was going on. Then we ended up having a confirmation. The feds had admitted that it was them. They had gone ahead and they had a hacker get into it. So here's a quote straight from the feds. That was an ARS Technica this week, according to the investigation, individual X was able to hack into silk road and gain unauthorized and illegal access and thereby steal the illicit cryptocurrency from silk road and move it into wallets and individual X controlled. According to the investigation, Ulbricht became aware of individual X's online identity and threatened individual X for the return of the cryptocurrency to Ulbricht. So Ulbricht had his cryptocurrency stolen, which by the way, is if you are dealing with Bitcoin, that is very common, not that it's stolen. It does get stolen and it's not uncommon. It's very common for the bad guys to try and hack into your Bitcoin wallet. That's part of the reason they install key loggers so they can see what the password is to your wallet. So apparently that unknown hacker did not return or spend the Bitcoin, but on Tuesday they signed consent and agreement to forfeiture with the US attorney's office in San Francisco and agreed to turn over the funds to the government. Very complex here. There are a lot of links that the Silkroad founder took to really obfuscate the transfer of the funds. There's tons of forensic expertise that was involved and they eventually unraveled the true origins of Bitcoin. It is absolutely amazing. Earlier this year they used a third-party Bitcoin attribution company to analyze the transactions that had gone through the silk road. They zeroed in on 54 trends and actions, the transferred 70,000 Bitcoins to two specific wallets. I said earlier, by the way, that it was hex, it isn't hex. It's mixed upper lower case. characters as well as numbers. And, so it's a base. What is it? 26, 40, 60 something. The Bitcoin is valued at about $354,000 at the time. I don't know about you. I find this stuff absolutely fascinating. There's a lot of details on how it was all done and they got the money back. So with a cryptocurrency, you're not completely anonymous. As the founder of the silk road finds out. You end up with criminal organizations trying to use it all the time. Just having and using Bitcoin can raise a red flag that you might be part of a criminal organization. So you got to watch that okay. In addition to that, The IRS is looking to find what it is you have made with your Bitcoin transactions because almost certainly those are taxable transactions. If you've made money off of Bitcoin. Now you'd have to talk to your accountant about writing off money that you lost when you sold Bitcoin after it had dropped. I do not own any Bitcoin. I don't. I played with this years ago and I created a wallet. I started doing some mining, trying to just get to know this, so I'm familiar with this. I've done it. I haven't played with it for a long time. If you have made money on Bitcoin and you sold those Bitcoin, or even if you transferred Bitcoin and the profits as Bitcoin, you all money to the IRS. Now the feds have their hands on almost a billion dollars worth of Bitcoin, just from this one guy. that's it for Bitcoin for today. We're going to talk about Uber and Lyft and how they're in the driver's seat right now to maybe remake labor laws in about two or three dozen States almost right away. Are you, or maybe somebody driving for Uber or Lyft, or maybe you've been thinking about it? There are a lot of problems nationwide when it comes to employee status. We're going to talk about the gig economy right now. Hey, thanks for joining me, everybody. You are listening to Craig Peterson. Hey, Uber and Lyft are two companies that I'm sure you've heard of. If you heard about the general category here, it's called the gig economy. The gig economy is where you have people doing small things for you or your business. That's a gig. So during this election season, for instance, I turned somebody on to a site called Fiverr, F I V E R R.com, which is a great site. I've used it many times. I turned them on saying that because they wanted a cartoon drawn there is no better place than to go to Fiverr. Find somebody who has a style you like, and then hire them. It used to be five bucks apiece, nowadays not so much, it could be 20, it could be a hundred, but it is inexpensive. When you hire somebody to do that as a contractor, there are rules and regulations to determine. If you are an employee versus an independent contractor, there are a lot of rules on all of this, including filing 1099s. But can you decide whether or not they are a contractor? So let's look at the rules here. I'm on the IRS website right now and they have some basic categories. So number one, behavioral control, workers, and employee, when the business has the right to direct and control the work performed by the worker. Even if that right is not exercised. Then they give some reasons for behavioral control, like the types of instructions given, when and where to work, the tools to use the degree of instruction. I think the big one is training to work on how to do the job, because frankly, even if you're hiring somebody to do something for you, that takes an hour. You have control over their behavior. But how about an Uber driver or Lyft driver? Are you telling them where to go? Duh, of course, you are. are you telling them, Hey, don't take that road because the Westside highway so busy this time of day, of course, you are? It looks like they might be employees but under behavioral control. Next step financial control. Does the business have a right to direct or control the financial and business aspects of the worker's job, such as significant investment in the equipment they're using unreimbursed expenses, independent contractors, and more likely to incur unreimbursed expenses than employees? there you go. Okay. So no that Uber Lyft driver, that person making the cartoon, I don't have any financial control over their equipment. Relationship. How do the worker and the business perceive their interaction with each other in written contracts? Or describe the relationship? Even if the worker has a contract that says they are a contractor does not mean that they aren't a contractor. By the way, if you're not withholding the taxes and paying them as an employee, and then they don't pay their taxes and the IRS comes coming after somebody they're coming after you as well for all of those that you did not pay taxes on. Then it goes into the consequences of misclassifying an employee goes on. So there are people who could maybe they're an employee, maybe their contractor, but with Uber and Lyft, California decided to put it on the ballot because both Uber and Lyft were saying, we're pulling out of California. California has a state income tax and they want to collect that income tax. Plus California, we're saying, Oh, we care about the drivers. Maybe they do. Maybe they don't. I'm a little jaded on that.I might say because I had a couple of companies out in California, way back in the day. So the California voters had it on the ballot just here. What a week ago? A little more than a week ago, maybe two almost now isn't it. They decided to let Uber and other gig economy companies continue to treat the workers as independent contractors. That is a very big deal. Because now what's happened because of this overwhelming approval of proposition 22, these companies are now exempt from a new employment law that was passed last year in California. So what goes out the window here the well minimum rate of pay, healthcare provisions, et cetera. And by the way, They still can get this minimum pay and healthcare provisions. Okay. They can still get it. It's still mandated out there, but it's absolutely just phenomenal. Apparently, the law that was passed last year was started because these gig people can really cut the cost of something and other people just weren't liking it. Frankly, gig companies also outspent the opposition by a ratio of $10 to $1, which is amazing. 10 to one on. Trying to get this proposition to pass. So it's a very big deal. And what it means is in California, these gig workers are independent contractors, but there's a couple of dozen states that are looking at this, including to our South, or maybe the state you're listening in. If you're listening down in mass right now, but South of where I am. In Massachusetts, the state attorney general has sued Uber and Lyft over worker classification. And this, of course, is going to have nothing to do with what happened in California right now. There are other States who are looking into this right now and you'll be just totally surprised. They're all left-wing States. I'm sure. I hope you were sitting down, New York, Oregon, Washington state, New Jersey, and Illinois. Okay. so we'll see what happens here. The companies have tried to make a good with the unions. Unions, pretty upset about this, good articles. So you might want to look it up online. Now I want to, before this hour is up, talk about ransom payments. I have mentioned before on the show that the department of justice now looks at people and businesses, paying ransomware as supporting terrorist operations. Did you realize that it's like sending money off to Osama Bin Laden, back in the day? Because if you do pay a ransom, the odds are very good that it is going to a terrorist organization. Oh, okay. It could be Iran. Are they terrorists? No, but they do support terrorism, according to the state department. Is Russia terrorist. no, but are they attacking us? Is this okay? Is there an attack of the United States, a terrorist attack? This is bringing up all kinds of really interesting points. One of them is based on arrests that were made about three weeks ago where some hackers were arrested on charges of terrorism. It is affecting insurance as well. I've mentioned before that we can pass on to our clients a million dollars worth of insurance underwritten by Lloyd's of London. Very big deal. But when you dig into all of these different types of insurance policies, we're finding that insurance companies are not paying out on cyber insurance claims, they'll go in and they'll say, you were supposed to do this, that, and the other thing. You didn't do it, so we're not paying. We've seen some massive lawsuits that have been brought by very big, very powerful companies that did not go anywhere, because again they were not following best practices in the industry. So this is now another arrow in the quiver, the insurance companies to say. Wait a minute, you arrested hackers who were trying to put ransomware on machines and did in many cases and charged a ransom. You charge them with terrorism. Therefore, the federal government has acknowledged that hacking is a form of terrorism. Isn't that kind of a big deal now. So it's an act of terrorism. Therefore we don't have to payout. It's just if your home gets bombed during a war, You don't get compensation from the insurance company, and ransomware victims now that pay these bad guys to keep the bad guys from releasing data that they stole from these ransomware victims are finding out that data that was stolen is being released anyways. So here's, what's going on. You get ransomware on your machine. Time was everything's encrypted and you get this nice big red and warning label and you pay your ransom. They give you a key and you have a 50% chance that they are in fact, going to get your data back for you. Nowadays, it has changed in a big way where they will gain control of your computer. They will poke around on your computer. Often an actual person poking around on your computer. They will see if it looks interesting. If it does, they will spread laterally within your company. We call that East-West spread and they'll find documents that are of interest and they will download them from your network, all without your knowledge and once they have them, they'll decide what they're going to charge you as a ransom. So many of these companies, the bad guys. Yeah. They have companies, will ransom your machines by encrypting everything, and the same pay the ransom, get your documents back. Then what'll happen is they will come back to you, maybe under the guise of a different, bad guy, hacker group. They'll come back to you and say, if you don't pay this other ransom, we're going to release all your documents, and you're going to lose your business. Yeah, how's that for change? So paying a ransom is no guarantee against them releasing your files. Hey, we've been talking about how computers are everywhere. What can we expect from our computerized cars? What can we expect from computers? Intel has had a monopoly with Microsoft called the Wintel monopoly. So if you missed part of today's show. Make sure you double-check and also make sure you are on my newsletter list. I'm surprised here how every week I get questions from people and it's great. That's it. I love to help. I was asked when I was about 19 to read this little book and to also to fill out a form that said what I wanted on my headstone. That's it heady question to ask somebody at 19 years of age, but I said that this was pretty short and sweet. I said, "he helped others." Just those three words, because that's what I always wanted to do. That's what I always enjoyed doing. You can probably tell that's why I'm doing what I'm doing right now is to help people stop the bad guys and to make their lives a little bit better in the process, right? That's the whole goal. That's the hope anyway. If you need a little help, all you have to do is reach out. Be glad to help you out. Just email me M E at Craig Peterson dot com. Or if you're on my email list, you'll get all of my weekly articles, everything I talked about here on the show, as well as my during the week little emails that I send out with videos that I've been doing. I've been putting more together. Didn't get any out this week I had planned to, but I probably will get them out next week. I was able to make a couple of this week and we'll queue them up for the coming week, but you'll get all of that. So just go to. Craig peterson.com/subscribe. You'll find everything there. As part of all of that of course, you will also be getting information about the training that I do. I do all kinds of free pieces of training and webinars, and I've got all kinds of reports. One of the most popular ones lately has been my self-audit kit. It's a little tool kit that you can use to audit, your business and see if you are compliant. It's just a PDF that you can take from the email that I send you. If you ask for it, all you have to do is ask for an audit kit, put that in the subject line, and email me@craigpeterson.com and we'll get you going. So I've had a few people who have this week said, Hey, can you help me out? What do I do? I help them out and It turns out when I'm helping them out, they're not even on my email list. So I'll start there. If you're wondering where to start, how to get up to speed a little bit, right? You don't have to know all of this stuff like the back of your hand, but you do have to have the basic understanding. Just go online. And a signup Craig peterson.com/subscribe would love to have you there. Even when we get into ice station zebra weather here coming up in not so long, unfortunately, in the Northeast. When you're thinking about your computer and what to buy. There are a lot of choices. Of course, the big ones nowadays are a little different than they were just a few years ago. Or a couple of years ago, you used to say, am I going to get a Windows computer, or am I going to get a Mac now? I think there's a third choice that's really useful for most people, depends on what you're doing. If what you do is some web browsing, some email, and also might do a couple of things with some video and pictures and organizing you really should look at the third option. Which is a tablet of some sort and that is your iPad. Of course, the number one in the market, these things last a long time. They retain their value. So their higher introductory price isn't really a bad thing. And they're also not that much more expensive when you get right down to it and consider the resale value of them. So have a look at the tablet, but that's really one of the three major choices also today when you're deciding that you might not be aware of it, but you are also deciding what kind of processor you're going to be using. There is a lot of work that's been done going on arm processors. What they are called A R M. I started working with this class of processor, also known as RISC, which is reduced instruction set processors, many years ago, back in the nineties. I think it was when I first started working with RISC machines. But the big difference here is that these are not Intel chips that are in the iPads that are in or our iPhones, they aren't Intel or AMD processors that are in your Android phones or Android tablet. They're all using something that's called ARM architecture. This used to be called advanced RISC machine acorn risk machine. They've been around a while, but ARM is a different type of processor entirely than Intel. the basic Intel design is to try and get as much done with one instruction as possible. So for instance, if you and I decided to meet up for Dunkin donuts, I might say, okay, so we're going to go to the Duncan's on Elm Street, but the one that's South of the main street, and I'll meet you there at about 11 o'clock. And then I gave you some of the directions on how to get to the town, et cetera. And so we meet at dunks and to have a good old time. That would be a RISC architecture, which has reduced instructions. So you can tell it, okay, you get to take a right turn here, take a left turn there. In the computing world, it would be, you have to add this and divide that and then add these and divide those and subtract this. Now to compare my little dunk story. What you end up doing with an Intel processor or what's called a CISC processor, which is a complex instruction set, is we've already been to dunks before that dunks in fact, so all I have to say is I'll meet you at dunks. Usual time. There's nothing else I have to say. So behind all of that is the process of getting into your car, driving down to dunks the right town, the right street, the right dunks, and maybe even ordering. So in a CISC processor, it would try and do all of those things with one instruction. The idea is, let's make it simple for the programmer. So all of the programmers have to do, if the programmer wants to multiply too, double-precision floating-point numbers, the programmer that if he's just dealing with machine-level only has to have one instruction. Now those instructions take up multiple cycles. We can. Get into all the details, but I think I've already got some people glazing over. But these new ARM processors are designed to be blindingly fast is what matters. We can teach a processor how to add, and if we spend our time figuring out how to get that processor to add faster. We end up with ultimately faster chip and that's the theory behind risk or reduced instruction set computers, and it has taken off like wildfire. So you have things like the iPad pro now with an arm chip that's in there designed by Apple. Now they took the basic license with the basic ARM architecture and they've advanced it quite a bit. In fact, but that Ipad processor now is faster than most laptop processors made by Intel or AMD. That is an impressive feat. So when we're looking a little bit forward, we're no longer looking at machines that are just running an Intel instruction set. We're not just going to see, in other words, the Intel and AMD inside stickers on the outside of the computer. Windows 10 machines running on ARM processors are out already. Apple has announced arm based laptops that will be available very soon. In fact, there is a scheduled press conference. I think it's next week by Apple, the 15th. Give or take. Don't hold me to that one, but they're going to have a, probably an announcement of the iPhone 12 and maybe some delivery dates for these new ARM-based laptops. So these laptops are expected to last all day. Really all day. 12 hours worth of working with them, using them. They're expected to be just as fast or faster in some cases as the Intel chips are. So ARM is where things are going. We already have the Microsoft updated surface pro X. That was just announced about two weeks ago, which is ARM-based. We've gotten macs now coming out their ARM base. In fact, I think they're going to have two of them before the end of the year. Both Apple and Microsoft are providing support for x86 apps. So what that means is the programs that you have bought that are designed to run on an Intel architecture will run on these ARM chips. Now, as a rule, it's only the 64-bit processes that are going to work. The 32-bit processes, if you haven't upgraded your software to 64 bits yet you're gonna have to upgrade it before you can do the ARM migration. We're going to see less expensive computers. Arm chips are much cheaper as a whole than Intel. Intel chips are insanely high priced. They are also going to be way more battery efficient. So if you're looking for a new computer. Visual studio code has been updated optimized for windows 10 on ARM. We're going to see more and more of the applications coming out. And it won't be long, a couple of years now, you will have a hard time finding some of the Intel-based software that's out there. "it won't happen to me." That's our next topic. We've got companies who are investing a lot of money to upgrade the technology, to develop security processes, boost it. Staff yet studies are showing that they're overlooking the biggest piece of the puzzle. What is the problem? Employee apathy has been a problem for many businesses for a very long time. Nowadays, employee apathy is causing problems on the cybersecurity front. As we've talked about so many times, cybersecurity is absolutely critical. For any business or businesses are being attacked sometimes hundreds of times, a minute, a second, even believe it or not. Some of these websites come under attack and if we're not paying close attention, we're in trouble. So a lot of companies have decided while they need to boost their it staff. They've got to get some spending in on some of the hardware that's going to make the life. Better. And I am cheering them on. I think both of those are great ideas, but the bottom line problem is there are million-plus open cyber security IT jobs. So as a business, odds are excellent that you won't be able to find the type of person that you need. Isn't that a shame? But I've got some good news for you here. You can upgrade the technology that's going to help. But if you upgrade the technology, make sure you're moving towards, what's called a single pane of glass. You don't want a whole bunch of point solutions. You want something that monitors everything. Pulls all of that knowledge together uses some machine learning and some artificial intelligence and from all of that automatically shuts down attacks, whether they're internal or external, that's what you're looking for. There are some vendors that have various things out there. If you sell to the federal government within three years, you're going to have to meet these new requirements, the CMMC requirements, level three, four, level five, which are substantial. You cannot do it yourself, you have to bring in a cybersecurity expert. Who's going to work with your team and help you develop a plan. I think that's really great, really important, but here's where the good news comes in. You spent an astronomical amount of money to upgrade this technology and get all of these processes in place and you brought in this consultant, who's going to help you out. You boosted your IT staff. But studies are starting to indicate that a lot of these businesses are overlooking the biggest piece of the puzzle, which is their employees. Most of these successful attacks nowadays are better than 60%, it depends on how you're scoring this, but most of the attacks these days come in through your employees. That means that you clicked on a link. One of your employees clicked on a link. If you are a home user, it's exactly the same thing. The bad guys are getting you because you did something that you should not have done. Just go have a look online. If you haven't already make sure you go to have I been poned.com. Poned is spelled PWNED Have a look at it there online and try and see if your email address and passwords that you've been using have already been compromised. Have already been stolen. I bet they have, almost everybody has. Do you know what to do about that? This is part of the audit kit that I'll send to you. If you ask for that. Kind of goes through this and a whole lot of other stuff. But checking to see if your data has been stolen, because now is they use that to trick people. So they know that you go to a particular website that you use a particular email address or password. They might've been able to get into one of these social networks and figure out who your friends are. They go and take that information. Now a computer can do this. They just mine it from a website like LinkedIn, find out who the managers in the company are. And then they send off some emails that look very convincing, and those convincing emails get them to click. That could be the end of it. Because you are going somewhere, you shouldn't go and they're going to trick you into doing something. Knowledge really is the best weapon when it comes to cybersecurity. A lot of companies have started raising awareness among employees. I have some training that we can provide as well. That is very good. It's all video training and it's all tracked. We buy these licenses in big bundles. If you are a small company contact me and I'll see if I can't just sneak you into one of these bundles. Just email me @craigpeterson.com in the subject line, put something like training, bundle, or something. You need to find training for your employees and their training programs need to explain the risk of phishing scams. Those they're the big ones. That's how most of the ransomware it gets into businesses is phishing scams. That's how ransomware gets down to your computers. You also need to have simulations that clarify the steps you need to take when faced with a suspicious email. Again, if you want, I can point you to a free site that Google has on some phishing training and it's really quite good. It walks you through and shows you what the emails might look like and if you want to click or not. But there's a lot of different types of training programs. You've got to make sure that everybody inside your organization or in your, family is educated about cybersecurity. What do you do when you get an email that you suspect might be a phishing email? They need to know that this needs to be forwarded to IT, or perhaps they just tell IT, Hey, it's in my mailbox, if IT has access to their mailbox, so IT can look at it and verify it. You need to have really good email filters, not the type that comes by default with a Microsoft Windows 365 subscription, but something that flags all of this looks for phishing scams, and blocks them. There's been a ton of studies now that are showing that there is a greater awareness of cybersecurity dangers, but the bottom-line problem is that employees are still showing a lax attitude when it comes to practicing even the most basic of cybersecurity prevention methods. TrendMicro, who is a cybersecurity company. We tend to not use their stuff because it's just not as good. But TrendMicro is reporting that despite 72% of employees claim to have gained better cybersecurity awareness during the pandemic 56% still admitted to using a non-work application on a company device. Now that can be extremely dangerous. 66% admitted uploading corporate data to that application. This includes by the way, things like using just regular versions of Dropbox. Do you share files from the office and home? Dropbox does have versions that are all that have all kinds of compliance considerations that do give you security. But by default, the stuff a home user does not get the security you need. They're doing all of this even knowing that their behavior represents a security risk. And I think it boils right down to, it's not going to happen to me. Just apathy and denial. So same thing I've seen, being a security guy for the last 30 years, I've seen over and over, apathy and denial. Don't let it happen to them. By the way, about 50% believe that they could be hacked no matter what protective measures are taken. 43% took the polar opposite. They didn't take the threat seriously at all. 43% didn't believe they could be hacked. We're going to talk about Mac OS is driving cybersecurity rethink. By the way to follow up on that last segment. So Millennials and Generation Z are terrible with security. They keep reusing passwords. They accept connections with strangers. Most of the time. If that's not believable, I don't know what it is. They've grown up in this world of share everything with everyone. What does it matter? Don't worry about it. Yeah. I guess that's the way it goes. Right? Kids these days. Which generation hasn't said that in the past? We were just talking about millennials, generation Z, and the whole, it won't happen to me, employee apathy and we've got to stop that. Even within ourselves, right? We're all employees in some way or another. What does that mean? It means we've got to pay attention. We've' got to pay a lot of attention and that isn't just true in the windows world. Remember we've got to pay attention to our network. You should be upgrading the firmware on your switches, definitely upgrading the software and firmware in your firewalls and in your routers, et cetera. Keep that all up to date. Even as a home user, you've got a switch or more than one. You've got a router. You've got a firewall in many cases that equipment is provided by your ISP internet service provider. If you've got a Comcast line or a FairPoint, whatever, it might be coming into your home, they're providing you with some of that equipment and you know what their top priority is not your security. I know. Shocker. Their top priority is something else. I don't know, but it sure isn't security. What I advise most people to do is basically remove their equipment or have them turn off what's called network address translation. Turn off the firewall and put your own firewall in place. I was on the phone with a lady that had been listening to me for years, and I was helping her out. In fact, we were doing a little security audit because she ran a small business there in her home. I think she was an accountant if I remember right. She had her computer hooked up directly to the internet. She kind of misunderstood what I was saying. I want to make clear what I'm saying here. People should still have a firewall. You still need a router, but you're almost always better off getting a semi-professional piece of hardware. The prosumer side, if you will, something like the Cisco GO hardware and put that in place instead of having the equipment that your ISP is giving you. We've got to keep all of this stuff up to date. Many of us think that Macs are invulnerable, Apple Macintoshes, or Apple iOS devices, like our iPhones and iPads. In many ways they are. They have not been hit as hard as the Windows devices out there. One of the main reasons is they're not as popular. That's what so many people that use Windows say you don't get hit because you're just not as popular. There is some truth to that. However, the main reason is that they are designed from the beginning with security in mind, unlike Windows, that security was an absolute afterthought for the whole thing Don't tell me that it's because of age. Okay. I can hear it right now. People say, well, Mac is much, much newer than Microsoft Windows. Microsoft didn't have to deal with all of this way back when. How I respond to that is, yeah. Microsoft didn't have to deal with it way back when because it wasn't connected to a network and your viruses were coming in via floppy desk. Right? They really were. In fact, the first one came in by researchers. The operating system that Apple uses is much, much, much older than windows and goes back to the late 1960s, early 1970s. So you can't give me that, it is just that they didn't care. They didn't care to consider security at all. Which is something that's still one of my soapbox subjects, if you will. Security matters. When we are talking about your Macs, you still have to consider security on a Mac. It's a little different on a Mac. You're probably want to turn on some things. Like the windows comes with the firewall turned on however it has all of its services wide open. They're all available for anybody to attach to. That's why we have our windows hardening course that goes through, what do you turn off? How do you turn it off? What should you have in the windows firewall? Now the Mac side, all of these services turned off by default, which is way more secure. If they're not there to attack, they're not going to be compromised. Right. They can't even be attacked the first place. So I like that strategy, but you might want to turn on your firewall on your Mac anyways. There are some really neat little features and functions in it. But the amount of malware that's attacking Apple Macintoshes, nowadays, is twice as much as it used to be. We've got these work from home people. We've got IT professionals within the companies, just scrambling to make it so that these people who are working from home can keep working from home. It's likely a permanent thing. It's going to be happening for a long time. But these incidents of malware on the Mac is pretty limited in reality. The malware on a Mac is unlikely to be any sort of ransomware or software that particularly steals things like your Excel files or your Word docs on a Mac, I should say it is much more likely to be outerwear. It's much more likely to be. Adware or some other unwanted programs and that's, what's rising pretty fast on Macs. Mac-based companies are being concerned here about cyber security issues. They are paying more attention to them. They're windows based counterparts have had to deal with a lot of this stuff for a long time because they were targets. So we've got to divide the Mac really into two pieces, just like any other computer. You've got the operating system with its control over things like the network, et cetera. Then you have the programs or applications, right? That is running on that device. So you want to keep both of them secure. The applications that are running on your device, Apple's done a much, much better job of sandboxing them. Making them so that they're less dangerous. The latest release, in fact, Catalina had a lot of security stuff built into that. Microsoft and Windows 10 added a lot more security. So that's all really, really good. Now, if you have to maintain a network of Macs, we like IBM software. They have some great software for managing Macs, but if you want something that's inexpensive and very usable to configure Macs and control the software on them. Have look at JAMF, J A M F. They just had their user's conference this last weekend. They were talking about how the landscape has changed over on the Mac side. All right. We've got one more segment left today and I'm going to talk about these cybersecurity frameworks. What should you be using? If you are a business or a home user, what are those checkboxes that you absolutely have to have to use? You might've heard about cybersecurity frameworks? Well, the one that's most in use right now is the NIST cybersecurity framework that helps guide you through the process of securing your business or even securing your home. That's our topic. It's a great time to be out on the road and kind of checking in. We've got security threats that have been growing quite literally. Exponentially. They are really making a lot of money by extorting it from us, stealing it from us. It's nothing but frustration to us. It's never been more important to put together an effective cybersecurity risk management policy. That's true if you're a home user and you've got yourself and your spouse and a kid or two in the home. Have a policy and put it together. That's where NIST comes in handy. NIST is the National Institute of standards and technology they've been around a long time. They've been involved in cryptography. These are the guys and gals that give us accurate clocks. In fact, we run two clocks here that we have for our clients, which are hyper-accurate. It's crazy it down to the millionth of a second. It's just amazing. That's who NIST is. They've put all these standards together for a very, very long time, but just before March, this year, It was reported that about 46 percent of businesses had suffered cyber attacks in 2019. That was up 10% from the year before. Of course, we've all been worried about the Wuhan virus, people getting COVID-19, it is a problem. The biggest part of the problem is everybody's worried about it. Nobody wants to go to work. They don't want to go out to a restaurant. They don't want to do any of these things. You as a business owner are worried about how do you keep your business doors open? How do you provide services to the customers you have when your employees won't come in or cooperate or were paid more to stay at home than they would be to come back to work. I get it right. I know I'm in the same boat. Well, because of that we just have not been paying attention to some of the things we should be doing. One of the main ways that business people can measure their preparedness and their progress in managing cyber security-related risks, is to use the cybersecurity framework that is developed by NIST. It is a great framework. It provides you with different levels. The higher-end, the framework that is used by military contractors. Nowadays, we've been helping businesses conform to what's called NIST 800-171 and 800-53 High, which are both important and cybersecurity standards. So if you really, really, really need to be secure, are those are the ones you're going to be going with. Right now, no matter how much security you need I really would recommend you checking it out. I can send you information on the NIST framework. I have a little flow chart. I can send you to help to figure out what part of the framework should you be complying with. It also helps you figure out if you by law need to be complying with parts of the framework. It will really help you. It's well thought out. It's going to make you way more efficient as you try and put together and execute your cyber risk management policy. Remember cyber risk, isn't just for the software that you're running, or the systems you're running. It's the people, it includes some physical security as well. Now President Trump has been very concerned about it. I'm sure you've heard about it in the news. As he's talked about problems with TicTok and with Huawei and some of these other manufacturers out there. Huawei is a huge problem. Just absolutely huge. One of these days I can give you the backstory on that, but how they completely destroyed one of the world leaders in telecommunications technology by stealing everything they had. Yeah. It's a very sad story company you may have heard of, founded over a hundred years ago. They're non-regulatory but they do publish guides that are used in regulations. So have a look at them, keep an eye on them. They have to help federal agencies as well. Meet the requirements is something called the federal information security management act called FISMA and that relates to the protection of government information and assets. So if you are a contractor to the federal government, pretty much any agency, you have physical requirements. So think about that. Who do you sell things to? When you're also dealing with the federal government they look at everything that you're doing and say, are you making something special for us? If you are, there are more and higher standards that you have to meet as well. It just goes on and on, but this framework was created by NIST ratified by Congress in 2014. It's used by over 30% of businesses in the US and will probably be used by 50% of businesses in the US this year. So if you're not using them you might want to have a look at them. It's big companies like JP Morgan, Chase, Microsoft, Boeing, and Intel who meet a much higher standard than most businesses need to meet. For a lot of businesses all you need to meet is what's called the CMMC one standard. You'll find that at NIST as well. And there are much higher levels than that up to level five, which is just, wow. All of the stuff that you have to keep secured looks like military level or better, frankly security. There are other overseas companies that are using it too, by the way in England, in Japan, Canada, many of them. I'm looking at the framework right now. The basic framework is to identify, protect, detect, respond, and recover. Those are the main parts of it. That's you have to do as a business in order to stay in business in this day and age, they get into it in a lot more detail. They also have different tiers for different tiers that you can get involved in. Then subcategories. I have all of this framework as part of our audit kit that I'll send out to anybody that asks for it that's a listener. All you have to do is send an email to me, M E @craigpeterson.com, and then the subject line, just say audit kit and I'll get back to you. I'll email that off to it's a big PDF. You can also go to NIST in the online world and find what they have for you. Just go to NIST, N I S T.gov, The National Institute of Standards and Technology, and you'll see right there, cybersecurity framework, it's got all of the stuff there. You can learn more here if you want. If you're new to the framework they've got online learning. They are really working hard to try and secure businesses and other organizations here in the U S and as I said used worldwide. It's hyper, hyper important. It's the same framework that we rely on in order to protect our information and protect our customer's information. So NIST, N I S T.gov, check it out. If you missed it today, you're going to want to check out the podcast. Now you can find the podcast on any of your favorite podcasting platforms. It is such a different world. Isn't it? We started out today talking about our cars. Our cars now are basically big mechanical devices ever so complex with computers, controlling them. But the cars of tomorrow that are being built by Tesla and other companies, those cars are absolutely amazing as well, but they're frankly, more computer than they are mechanical car. So what should we expect from these cars? I'm talking about longevity here. We expect a quarter-million miles from our cars today. Some of these electric vehicles may go half a million or even a million miles in the future. When they do that, can we expect that? Our computers get operating system updates and upgrades, for what five years give or take? If you have an Android phone, you're lucky if you get two years' worth of updates. Don't use Android, people. It's just not secure. How about our cars? How long should we expect updates for the firmware in our cars? So that's what we talked about first, today. Ring has a new security camera that is absolutely cool. It's called the always home cam. I talked about it earlier. It is a drone that flies around inside your house and ties into other Ring equipment. I think it's absolutely phenomenal and it's not quite out yet, but I'll let you know more about that. If you get ransomware and you pay the ransom, the feds are saying now that you are supporting terrorist organizations. You might want to be careful because they are starting to knock on doors, and there's jail time behind some of these things. So watch it when it comes ransomware and a whole lot more as well. So make sure you visit me online. Go to Craig peterson.com/subscribe. It's very important that you do that and do that now. So you'll get my weekly newsletter. I've got some special gifts, including security, reboot stuff that I'll send to you right away. Craig peterson.com/subscribe. --- More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553
Craig discusses the oversharing attitudes of Millennials and Generation Z, and the importance of paying attention to our networks, how it can lead to malware in businesses, and what can be done to stop it. For more tech tips, news, and updates, visit - CraigPeterson.com --- Right To Repair Or A Fight For Survival? Ring’s latest security camera is a drone that flies around inside your house Malware Attacks Declined But Became More Evasive in Q2 Elon Musk reveals plans to slash electric battery costs, build $25,000 Tesla Paying ransomware demands could land you in hot water with the feds Windows 10 machines running on ARM will be able to emulate x64 apps soon 'It Won't Happen to Me': Employee Apathy Prevails Despite Greater Cybersecurity Awareness Rise in Remote MacOS Workers Driving Cybersecurity 'Rethink' A Guide to the NIST Cybersecurity Framework --- Automated Machine-Generated Transcript: By the way, to follow up on that last segment. So Millennials and Generation Z are terrible with security. They keep reusing passwords. They accept connections with strangers. Most of the time. If that's not believable, I don't know what it is. They've grown up in this world of share everything with everyone. What does it matter? Don't worry about it. Yeah. I guess that's the way it goes. Right? Kids these days. Which generation hasn't said that in the past? You're listening to Craig Peterson. Thanks for joining me today. We were just talking about millennials, generation Z, and the whole, it won't happen to me, employee apathy, and we've got to stop that. Even within ourselves, right? We're all employees in some way or another. What does that mean? It means we've got to pay attention. We've' got to pay a lot of attention, and that isn't just true in the windows world. Remember, we've got to pay attention to our network. It would be best if you were upgrading the firmware on your switches, definitely upgrading the software and firmware in your firewalls and your routers, et cetera. Keep that all up to date. Even as a home user, you've got a switch or more than one. You've got a router. You've got a firewall in many cases, that your ISP internet service provider provides equipment. If you've got a Comcast line or a FairPoint, whatever, it might be coming into your home, they're providing you with some of that equipment, and you know what their top priority is not your security. I know. Shocker. Their top priority is something else. I don't know, but it sure isn't security. What I advise most people to do is basically remove their equipment or have them turn off what's called network address translation. Turn off the firewall and put your own firewall in place. I was on the phone with a lady that had been listening to me for years, and I was helping her out. In fact, we were doing a little security audit because she ran a small business there in her home. I think she was an accountant if I remember right. She had her computer hooked up directly to the internet. She misunderstood what I was saying. I want to make this clear what I'm saying here. People should still have a firewall. It would be best if you still had a router, but you're almost always better off getting a semi-professional piece of hardware. If you will, the prosumer side, something like the Cisco GO hardware, put that in place instead of having the equipment that your ISP is giving you. We've got to keep all of this stuff up to date. Many of us think that Macs are invulnerable, Apple Macintoshes, or Apple iOS devices, like our iPhones and iPads. In many ways, they are. They have not been hit as hard as the Windows devices out there. One of the main reasons is they're not as popular. That's what so many people that use Windows say you don't get hit because you're just not as popular. There is some truth to that. However, the main reason is that they are designed from the beginning with security in mind; unlike Windows, security was an absolute afterthought for the whole thing. Don't tell me that it's because of age. Okay. I can hear it right now. People say, well, Mac is much, much newer than Microsoft Windows. Microsoft didn't have to deal with all of this way back when. How I respond to that is, yeah. Microsoft didn't have to deal with it way back when it wasn't connected to a network and your viruses coming in via floppy desk. Right? They really were. In fact, the first one came in by researchers. Apple's operating system is much, much older than windows and goes back to the late 1960s, early 1970s. So you can't give me that it is just that they didn't care. They didn't care to consider security at all, which is still one of my soapbox subjects if you will. Security matters. When we are talking about your Macs, you still have to consider security on a Mac. It's a little different on a Mac. You're probably want to turn on some things. The windows come with the firewall turned on; however, it has all of its services wide open. They're all available for anybody to attach to. That's why we have our windows hardening course that goes through, what do you turn off? How do you turn it off? What should you have in the windows firewall? Now the Mac side, all of these services turned off by default, which is way more secure. If they're not there to attack, they're not going to be compromised. Right. They can't even be attacked in the first place. So I like that strategy, but you might want to turn on your firewall on your Mac anyways. There are some elegant little features and functions in it. But the amount of malware that's attacking Apple Macintoshes, nowadays, is twice as much as it used to be. We've got these work from home people. We've got IT professionals within the companies, just scrambling to make it so that these people working from home can keep working from home. It's likely a permanent thing. It's going to be happening for a long time. But these incidents of malware on the Mac is pretty limited in reality. The malware on a Mac is unlikely to be any ransomware or software that particularly steals things like your Excel files or your Word docs on a Mac, and I should say it is much more likely to be outerwear. It's much more likely to be. Adware or some other unwanted programs, and that's what's rising pretty fast on Macs. Mac-based companies are being concerned here about cybersecurity issues. They are paying more attention to them. They're windows based counterparts have had to deal with a lot of this stuff for a long time because they were targets. So we've got to divide the Mac really into two pieces, just like any other computer. You've got the operating system with its control over things like the network, et cetera. Then you have the programs or applications. That is running on that device. So you want to keep both of them secure. The applications running on your device, Apple's done a much, much better job of sandboxing them. Making them so that they're less dangerous. The latest release, in fact, Catalina had a lot of security stuff built into that. Microsoft and Windows 10 added a lot more security. So that's all really, really good. Now, if you have to maintain a network of Macs, we like IBM software. They have some great software for managing Macs, but if you want something inexpensive and very usable to configure Macs and control the software on them. Have a look at JAMF, J A M F. They just had their user's conference this last weekend. They were talking about how the landscape has changed over on the Mac side. All right. We've got one more segment left today, and I'm going to talk about these cybersecurity frameworks. What should you be using? If you are a business or a home user, what are those checkboxes that you absolutely have to have to use? You're listening to Craig Peterson. Stick around. --- More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553
2. Teil: Viren, Trojanische Pferde, Würmer, Adware, Scareware... Für einen Laien ist es kaum möglich die Unterschiede zu kennen. Meist sind diese aber auch nicht so wichtig. Wichtig ist dagegen über einen angemessenen Schutz davor zu verfügen. Was ist überhaupt ein Virus?! Wie funktionieren Antiviren-Programme?! Das alles erklären Dir Deine IT-Experten Andreas Wisler und Sandro Müller.
After over a million downloads, the Tekya-infected Android offerings are finally on ice.
Is iOS just adware as an article this week suggested? I don't think so, but I also see where they're coming from, and Apple needs to be careful with how they balance a great software experience with getting people to pay for their ever-growing library of premium services.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Popular Android Selfie Apps Act as Adware https://www.wandera.com/mobile-security/google-play-adware/ Wireshark Update https://www.wireshark.org/docs/relnotes/wireshark-3.0.5.html Harbor Privilege Escalation https://unit42.paloaltonetworks.com/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Exploiting Struts in vCenter https://isc.sans.edu/forums/diary/Struts+Vulnerability+CVE20175638+on+VMware+vCenter+the+Gift+that+Keeps+on+Giving/24606/ Wikipedia Tech Support Scam https://isc.sans.edu/forums/diary/Wikipedia+Articles+as+part+of+Tech+Support+Scamming+Campaigns/24608/ Stealing MacOS Keychain https://www.youtube.com/watch?v=nYTBZ9iPqsU Beauty Camera Ads for Android include Adware https://blog.trendmicro.com/trendlabs-security-intelligence/various-google-play-beauty-camera-apps-sends-users-pornographic-content-redirects-them-to-phishing-websites-and-collects-their-pictures/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+January+2019+Patch+Tuesday/24504/ https://patchtuesdaydashboard.com/ Adobe Updates https://helpx.adobe.com/security.html Google Play Store Adware https://blog.trendmicro.com/trendlabs-security-intelligence/adware-disguised-as-game-tv-remote-control-apps-infect-9-million-google-play-users/ Ethereum Classic 51% Attack https://blog.coinbase.com/ethereum-classic-etc-is-currently-being-51-attacked-33be13ce32de
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Scam Calls Targeting Chinese Living in the US https://isc.sans.edu/forums/diary/Fake+BankPost+Office+Phone+Calls+Targeting+Chinese+Immigrants/24244/ X.org Privilege Elevation Flaw https://lists.x.org/archives/xorg-announce/2018-October/002927.html Remote Videos in Office Documents https://blog.cymulate.com/abusing-microsoft-office-online-video Mac Malware Injects Ads https://blog.malwarebytes.com/threat-analysis/2018/10/mac-malware-intercepts-encrypted-web-traffic-for-ad-injection/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Guilty By Association https://isc.sans.edu/forums/diary/Guilty+by+association/23800/ Filezila and Adware https://forum.filezilla-project.org/viewtopic.php?t=48441 iOS Pin Brute Forcing Confusion https://twitter.com/hackerfantastic/status/1010631766087032832 https://twitter.com/hackerfantastic/status/1010240042990596096 Azure Baseline Security Policy https://cloudblogs.microsoft.com/enterprisemobility/2018/06/22/baseline-security-policy-for-azure-ad-admin-accounts-in-public-preview/ Phone Battery Usage as Keystroke Logger https://sites.google.com/site/silbersteinmark/Home/popets18power.pdf?attredirects=1
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Detect SMB Versions with nmap https://isc.sans.edu/forums/diary/Rooting+Out+Hosts+that+Support+Older+Samba+Versions/22672/ CopyFish Google Chrome Extension Replaced by Adware https://a9t9.com/blog/chrome-extension-adware/ StartCom Applying to be Included in Mozilla SSL CAs again https://bugzilla.mozilla.org/show_bug.cgi?id=1311832#c12 McAffee Uses Mixed SSL/nonSSL Content For Online Malware Scan https://blogs.securiteam.com/index.php/archives/3350 Netflix Releases DoS Testing Tool https://medium.com/netflix-techblog/starting-the-avalanche-640e69b14a06
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Attacking NoSQL Applications https://isc.sans.edu/forums/diary/Attacking+NoSQL+applications+part+2/22676/ Web Developer Chrome Toolbar Replaced with AdWare https://twitter.com/chrispederick Android Banking Trojans https://securelist.com/a-new-era-in-mobile-banking-trojans/79198/ Amazon Stops Selling Blu Smartphones http://www.zdnet.com/article/amazon-halts-blu-phone-sales-over-potential-security-issue/
Adware that infects your computer to display annoying pop-ups is an annoyance. But when it infects as many as one five networks in the world, and hides the capability to do far more serious damage to its victims, it's an epidemic waiting to happen.
Get ready to be lawyered-up. It's coming! Oracle v Google is not going to be heard by the Supreme Court, and while that might not spell "Doom" just yet, it's fast approaching the reality that APIs are on the verge of copy-right-a-bi-li-ty (that's too...
This week, Dwayne and Andy are joined by Greg Davies (from TARDISBlend, Blendover, and Heavy Metal Historian podcasts) as we discuss: Edward Snowden answers almost anything, Reddit want you to keep your clothes on, how to keep drones out of your backyard, a new Pebble watch... and much much more. What We're Playing With Andy: The Innovators; Raspberry Pi 2 Dwayne: Homeworld Remastered Collection Greg: Something a little different to discuss, seeing as I've quit smoking - Aspire BDC with Ego CTwist - QuitNow! app by FewLaps Headlines Apple Told by Jury to Pay $532.9 Million in Patent Trial Apple will fight iOS bugs with first-ever iOS Public Betas Reddit finally takes a stand against nonconsensual porn Now You Can Sign Up To Keep Drones Away From Your Property Audible Book of the Week The Snowden Files: The Inside Story of the World's Most Wanted Man by Luke Harding Sign up at AudibleTrial.com/TheDrillDown Music Break: Love in the Sky by The Weeknd Hot Topics Lenovo's Response to Its Dangerous Adware Is Astonishingly Clueless Lenovo CTO on Superfish: ‘We Messed Up' Class Action Lawsuit news How US and UK spies hacked into world's largest maker of SIM cards and stole encryption keys Gemalto: NSA/GCHQ Hack ‘Probably Happened' But Didn't Include Mass SIM Key Theft We are Edward Snowden, Laura Poitras and Glenn Greenwald from the Oscar-winning documentary CITIZENFOUR. AUAA Edward Snowden just answered all your big NSA questions Music Break: Power Rangers by Eric Calderone Final Word Pebble Unveils Color-Screen Time Smartwatch as Apple Threat Looms Pebble's new smartwatch breaks Kickstarter records, raising $1M in just 34 minutes Kickstarter's 'Zach Braff' problem gets worse with the Pebble Time The Drill Down Video of the Week Watch Joseph Kahn's Darker Take On ‘Power Rangers' Starring Katee Sackhoff Saban just pulled POWER/RANGERS off Youtube. Bad day for free speech, fair use, and Fandom in general. — Joseph Kahn (@JosephKahn) February 26, 2015 Why Bootleg The Power Rangers? Subscribe! The Drill Down on iTunes (Subscribe now!) Add us on Stitcher! The Drill Down on Facebook The Drill Down on Twitter Geeks Of Doom's The Drill Down is a roundtable-style audio podcast where we discuss the most important issues of the week, in tech and on the web and how they affect us all. Hosts are Geeks of Doom contributor Andrew Sorcini (Mr. BabyMan), marketing research analyst Dwayne De Freitas, and Box tech consultant Tosin Onafowokan. Occasionally joining them is Startup Digest CTO Christopher Burnor.