Podcasts about asns

Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this episode, Justin interviews Shadowserver Foundation Alliance Director Tod Eberle about cybersecurity. Tod tells how his background as a prosecutor led to his interest in cybersecurity, how he encountered the non-profit Shadowserver Foundation, and how he left the public sector to work with them. He explains how Shadowserver provides actionable data to alert network owners and law enforcement of network vulnerabilities that need to be mitigated. He discusses trends in malware attacks, especially in ransomware. He shares his thoughts on ransomware threats of 2025 and the years to come. He provides tips on preparing your network against ransomware.   Listen to how you can harden your organization's network against malware attacks. Key Takeaways: [:01] About RIMS and RIMScast. [:14] Public registration is open for RISKWORLD 2025! RIMS wants you to Engage Today and Embrace Tomorrow in Chicago from May 4th through May 7th. Register at RIMS.org/RISKWORLD and the link in this episode's show notes. [:33] About this episode. We will discuss cybersecurity with Tod Eberle, the Alliance Director of the Shadowserver Foundation. [:55] RIMS-CRMP Workshops! On February 19th and 20th, there will be a two-day virtual workshop for the RIMS-CRMP led by former RIMS President Chris Mandel and presented by the RIMS Greater Bluegrass Chapter, the 2024 RIMS Chapter of the Year. [1:18] The next RIMS-CRMP-FED exam course will be held from February 4th through the 6th, 2025. Links to these courses can be found through the Certification page of RIMS.org and this episode's show notes. [1:34] Virtual Workshops! Chris Hansen will return on February 11th and 12th to lead the two-day course “Claims Management”. Gail Kiyomura of The Art of Risk Consulting will host the “Fundamentals of Insurance” virtual workshop on February 19th and 20th, 2025. [1:58] On February 26th and 27th, Elise Farnham of Illumine Consulting will lead “Applying and Integrating ERM”. “Managing Data for ERM” will be hosted by Pat Saporito. That course starts on March 12th, 2025. [2:20] A link to the full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's show notes. [2:31] The RIMS Legislative Summit 2025 is back! It will be held on March 19th and 20th in Washington, D.C. Join RIMS for two days of Congressional meetings, networking, and advocating on behalf of the risk management community. [2:49] This event is open for RIMS members only so if you're not a member, join now! Visit RIMS.org/advocacy for registration details. [3:02] Interview! Our guest Tod Eberle is the Alliance Director of the Shadowserver Foundation, a non-profit security organization working altruistically behind the scenes to make the internet more secure for everyone. [3:15] Tod Eberle is with us to discuss the cybersecurity trends on his risk radar and the threats he wants risk professionals to be aware of as 2025 kicks into high gear. Shadowserver Alliance Director, Tod Eberle, welcome to RIMScast! [3:41] Justin saw that Shadowserver Foundation was promoted by the National Cybersecurity Alliance and he thought it would be great to have a follow-up on his appearance there. [3:54] Tod says the National Cybersecurity Alliance is a great organization. After working together with them for a year, they invited Tod to do a webinar. It was a great experience. [4:28] Tod's background is as a career prosecutor, starting as a county prosecutor in Western Pennsylvania in 1997. In 2004, Tod became a Federal Prosecutor in Pittsburgh for the U.S. Department of Justice. [5:00] In 2014, He transitioned over to the National Security and Cybercrime section in Pittsburgh. Pittsburgh was at the forefront of cyber investigations by both the U.S. Attorney's Office and the FBI. Tod wanted to be a part of that. [5:34] The Pittsburgh office has run investigations and issued indictments against Chinese Military Intelligence officers and Russian GRU officers for hacking. In 2014, Pittsburgh had the first criminal indictment of nation-state threat actors. [6:00] In that case, Chinese Military Intelligence PLA officers hacked into Pittsburgh companies Westinghouse, ALCOA, U.S. Steel, and United Steel Workers. Some forward-thinking folks at the FBI and the U.S. Attorney's Office, particularly U.S. Attorney David Hickton, focused on cyber. [6:29] That continued over the years until the present. [6:46] To begin an investigation, the FBI and U.S. Attorney's Office in Pittsburgh, need to have some aspect of an organization's criminal activity touch that district, the Western District of Pennsylvania. A national ransomware case with one victim in Pittsburgh can be investigated. [7:16] In the investigation of Russian GRU actors responsible for the destructive NotPetya malware attack, a district hospital's network was attacked and destroyed. They expanded the investigation and charging documents to include other attacks around the country. [7:58] In 2015 Tod was a prosecutor working with the FBI on an investigation. He was at Europol at the Hague in the Netherlands, a center that brings together investigators and prosecutors from different countries who investigate the same threat group through Europol and Eurojust. [8:33] Tod met the Shadowserver Foundation non-profit group at the Hague in 2015. They were helping, through free technical support to the takedown operation, to dismantle the infrastructure of a crime group, using sinkholing and other security measures. [9:08] Tod Joined the Shadowserver Foundation in January of 2023. He is the Shadowserver Alliance Director. As a small non-profit, everyone wears many hats. The Shadowserver Foundation is a 501(c)(3) in the U.S. and a separate non-profit legal entity in the Netherlands. [9:47] The Shadowserver Foundation started about 2004. It celebrated its 20th anniversary in 2024. It began as a loose group of volunteers made up of cybersecurity researchers and technical experts who came together to help network owners and law enforcement. [10:15] Over the years they became more structured and became a non-profit organization. It's an unusual non-profit organization working 100% in operations. It works in three core areas. First, it's the world's largest provider of free, actionable cyber threat intelligence. [10:45] Second, the Shadowserver Foundation does cybersecurity capacity-building around the world. Third, it also provides free support to law enforcement investigations and disruption operations with technical support and expertise. Those three things are its core mission. [11:07] Justin notes commonalities between RIMS cyber risk reporting and the Shadowserver Foundation's work. Shadowserver collects a vast amount of threat data daily. What are the patterns it sees for 2025? [11:29] Shadowserver Foundation can help organizations mitigate risks. It collects cyber threat data at its data center in California through internet-wide scanning, honeypot sensors, sinkholing operations, and collecting and analyzing malware samples. [11:57] Every day for free the Shadowserver Foundation takes that data and provides it to over 9,000 organizations around the world and to 201 National C-CERTs that cover about 176 countries. [12:13] These reports identify exposed, misconfigured, vulnerable, compromised instances or devices on networks that need patching. [12:25] The organizations that get Shadowserver's data can be anything from banks to hospitals, universities, K-12 school districts, ISPs, local, state, and federal governments, small, medium, and large businesses, Fortune 500s, and NGOs; just about anyone can sign up. [12:46] The idea behind this is that cyber security should be available to everyone, regardless of the ability to pay. Organizations can sign up at the Shadowserver Foundation website, and provide their contact information and network information with IP ranges and ASNs. [13:12] The Shadowserver Foundation does its due diligence and if everything checks out, it automates those reports to go out to the organization daily. About 9,000 organizations sign up directly to receive daily reports. [13:22] The Shadowserver Foundation also sends out data for entire countries to the national C-CERT designated to handle that in those countries. In the U.S., CISA gets hundreds of millions of events from them every day for all the U.S. It is the same around the world. [13:52] Tod says that some things never change. Networks are breached primarily through phishing attacks, malicious links or attachments, and social engineering. [14:09] One trend is a focus on vulnerabilities. Criminals exploit vulnerabilities in the network that aren't timely patched and before they are patched. Shadowserver gives organizations an external snapshot view of their networks just as criminals are scanning for themselves. [14:52] Cybercriminal groups increasingly leverage zero-day vulnerabilities to breach a network. A zero-day vulnerability is a flaw in software or hardware that's unknown to the vendor and has no patch. The vendor has had zero days to fix the vulnerability after it has been discovered. [15:16] That was the case with the Clop ransomware gang. In 2024, they started exploiting zero-day vulnerabilities in Fortra's GoAnywhere software. That continued in May, with them exploiting Progress Software's MOVEit file transfer application. [15:38] Very recently, in December, the Clop Ransomware group claimed responsibility for using a zero-day vulnerability in Clio's file transfer platform that breached victims' networks. [15:49] Cyber criminals extort victims and steal data with ransomware attacks. Risk managers in cybersecurity need to stay on top of critical vulnerabilities that often go unpatched. Those are often the easiest gateway into a network. [16:26] Plug Time! RIMS Webinars! Resolver will be joining us on February 6th to discuss “4 Themes Shaping the Future of GRC in 2025”. [16:38] HUB International continues its Ready for Tomorrow Series with RIMS. On February 20th, they will host “Ready for the Unexpected? Strategies for Property Valuation, Disaster Recovery and Business Continuity in 2025”. [16:54] More webinars will be announced soon and added to the RIMS.org/webinars page. Go there to register. Registration is complimentary for RIMS members. [17:06] Nominations are also open for the Donald M. Stuart Award which recognizes excellence in risk management in Canada. Links are in this episode's show notes. [17:17] The Spencer Educational Foundation's goal to help build a talent pipeline of risk management and insurance professionals is achieved in part by its collaboration with risk management and insurance educators across the U.S. and Canada. [17:35] Since 2010, Spencer has awarded over $3.3 million in general grants to support over 130 student-centered experiential learning initiatives at universities and RMI non-profits. Spencer's 2026 application process will open on May 1st, 2025, and close on July 30th, 2025. [17:58] General grant awardees are typically notified at the end of October. Learn more about Spencer's general grants through the Programs tab at SpencerEd.org. [18:08] Let's Return to the Conclusion of My Interview with Tod Eberle of Shadowserver! [18:49] Justin notes that In December of 2024, China attackers breached the Committee on Foreign Investment in the U.S. That is the government office that assesses foreign investments for national security risks. [18:58] China also targeted the Treasury's Sanctions Office after it sanctioned a Chinese company for its alleged role in cyberattacks. [19:14] Tod thinks we should acknowledge that this is nothing new and nothing we should be surprised about. It's been going on for many years and it's going to continue. Justin was in the Federal government in 2013 and 2014. [19:32] In 2015, it was announced that the U.S. Office of Personnel Management had been breached. Personal sensitive data for 42 million people were stolen. [19:44] In May 2014, five Chinese military officers were indicted for computer hacking and economic espionage against companies based in Pittsburgh. This is nothing out of the ordinary. Unfortunately, indictments don't seem to have a deterrent effect. [20:21] Countries can deny the charges of hacking even with strong evidence of their involvement. [20:37] There are different types of hacking, with different types of motivation. There is traditional espionage against U.S. government agencies. There is theft of intellectual property with nation-states trying to gain a commercial advantage in business. [21:23] There are destructive hacks by nation-state actors, like the NotPetya attack, or attacks on the Ukrainian power grid and banking systems in 2015 and 2016. [21:36] The Volt Typhoon threat actor group and its access to the U.S. critical infrastructure is one of the greatest national security concerns because of its potential to disrupt everything from water to power, to food, to transportation. [22:10] The ripple effect that can come from those disruptions would be enormous. The Colonial Pipeline ransomware attack of a few years ago affected fuel supplies, commerce, and the prices of goods. [22:31] Nation-state hacking is no longer just a concern for government agencies and companies that do business internationally, but it's now a concern for all of society. There's the potential to affect the daily lives of innocent civilians through attacks on critical infrastructure. [23:16] Tod mentions another 2014 indictment out of Pittsburgh, on the GameOver Zeus Botnet takedown. Part of that was a crypto locker ransomware disruption. This was in the infancy of ransomware, for $300 ransoms. Now ransom demands are in the tens of millions of dollars. [23:53] We have seen a huge evolution in ransomware. It's not going away. One thing we're seeing is bypassing data encryption and focusing on data theft. It's easier and less time-consuming for the threat actors because they don't have to map out the network. [24:41] If a victim company had good backups and easy restoration, that was an issue ransomware actors had to deal with, so why would the threat actors bother with that? They just focus on easy data theft and extortion of ransom for the data. [25:04] Tod thinks we will continue to see extortion. Ransomware continues to be the greatest concern for companies. The use of AI has been increasing both for defenders and attackers.  [25:14] A new ransomware group, FunkSec, is claiming large numbers of victims of extortion, encryption, and data theft. They seem to have ransom demands of less than $10,000. They have sold stolen data. Researchers think this is a less experienced group using AI to write code. [27:22] Shadowserver's very talented team collects the data. It's free. They want to get it into the hands of those who can use it. The reports identify things that are seen to be misconfigured or unnecessarily exposed to the internet. Sometimes they can show if something is compromised. [28:12] Shadowserver designates the events by severity level so the end user can prioritize their patching and address first the ones that are most critical and severe. The reports act both as an early warning system and a victim notification system if a device is seen to be compromised. [28:59] The network owner needs to remediate that and patch it before further exploitation like a ransomware attack can occur. [29:07] Shadowserver has two ways to detect that a device is compromised. The first is if they have indicators that tell them a device on the network is compromised. The second is with their support for law enforcement, law enforcement may share sensitive data with Shadowserve. [29:32] When law enforcement does a takedown and they get victim identification data like IP addresses, they must do victim notification. Law enforcement isn't scaled to do victim notification for hundreds of thousands of users. Shadowserver helps them with notifications. [30:48] Shadowserver is very careful to share data responsibly. Company A will get the data they have for Company A and it won't be shared with Company B and vice versa. Shadowserver views the data as belonging to that network owner. [31:08] If a company authorizes Shadowserver and wants them to share their data with a third party, Shadowserver will happily do it. There are several companies with MSSPs to manage their security. If the company asks, Shadowserver will send the data to their MSSP. [31:43] As a small, non-profit organization, not everyone has heard of the Shadowserver Foundation. They want people to know they have this data and they want to share it. It could be relevant for cyber insurance companies' due diligence, with the insurance applicant's consent. [32:20] It's important because those reports can show whether a network has remained healthy and secure over time. Tod would love to see Shadowserver be able to help more in the risk mitigation areas. [32:56] Special thanks again to Shadowserver Foundation's Tod Eberle for joining us here on RIMScast! Check out this episode's show notes for links to the Shadowserver reports we mentioned. [33:07] Be sure to tune in next week for Data Privacy Day! We've got a special episode with James Burd, Chief Privacy Officer of the Cybersecurity and Infrastructure Security Agency (CISA). That's going to be a good one! [33:22] More RIMS Plugs! You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in our show notes. [33:50] RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate and help you reach them! Contact pd@rims.org for more information. [34:07] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [34:25] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more.  [34:41] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. [34:55] Justin Smulison is the Business Content Manager at RIMS. You can email Justin at Content@RIMS.org. [35:03] Thank you all for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe!   Mentioned in this Episode: RIMS Risk Management magazine RISKWORLD 2025 — May 4‒7 | Register today! RIMS Legislative Summit — March 19‒20, 2025 Nominations for the Donald M. Stuart Award Spencer Educational Foundation — General Grants 2026 — Application Dates RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy Shadowserver Foundation National Cybersecurity Alliance RIMS Webinars: RIMS.org/Webinars “4 Themes Shaping the Future of GRC in 2025” | Sponsored by Resolver | Feb. 6, 2025 “Ready for the Unexpected? Strategies for Property Valuation, Disaster Recovery and Business Continuity in 2025” | Sponsored by Hub International | Feb. 20, 2025 Upcoming Virtual Workshops: “Claims Management” | February 11‒12, 2025 | Instructor: Chris Hansen “Fundamentals of Insurance” | Feb. 19‒20, 2025 “Applying and Integrating ERM” | Feb. 26‒27 “Managing Data for ERM” | March 12, 2025 See the full calendar of RIMS Virtual Workshops RIMS-CRMP Prep Workshops   Upcoming RIMS-CRMP Prep Virtual Workshops: “Stay Competitive with the RIMS-CRMP | Presented by the RIMS Greater Bluegrass Chapter” February 19‒20, 2025 | Instructor: Chris Mandel Full RIMS-CRMP Prep Course Schedule Full RIMS-CRMP Prep Course Schedule   Related RIMScast Episodes: “Kicking off 2025 with RIMS CEO Gary LaBranche” “Year In Risk 2024 with Morgan O'Rourke and Hilary Tuttle” “AI and Regulatory Risk Trends with Caroline Shleifer” “Cybersecurity Awareness and Risk Frameworks with Daniel Eliot of NIST” (2024)   Sponsored RIMScast Episodes: “Simplifying the Challenges of OSHA Recordkeeping” | Sponsored by Medcor “Risk Management in a Changing World: A Deep Dive into AXA's 2024 Future Risks Report” | Sponsored by AXA XL “How Insurance Builds Resilience Against An Active Assailant Attack” | Sponsored by Merrill Herzog “Third-Party and Cyber Risk Management Tips” | Sponsored by Alliant “RMIS Innovation with Archer” | Sponsored by Archer “Navigating Commercial Property Risks with Captives” | Sponsored by Zurich “Breaking Down Silos: AXA XL's New Approach to Casualty Insurance” | Sponsored by AXA XL “Weathering Today's Property Claims Management Challenges” | Sponsored by AXA XL “Storm Prep 2024: The Growing Impact of Convective Storms and Hail' | Sponsored by Global Risk Consultants, a TÜV SÜD Company “Partnering Against Cyberrisk” | Sponsored by AXA XL “Harnessing the Power of Data and Analytics for Effective Risk Management” | Sponsored by Marsh “Accident Prevention — The Winning Formula For Construction and Insurance” | Sponsored by Otoos “Platinum Protection: Underwriting and Risk Engineering's Role in Protecting Commercial Properties” | Sponsored by AXA XL “Elevating RMIS — The Archer Way” | Sponsored by Archer “Alliant's P&C Outlook For 2024” | Sponsored by Alliant “Why Subrogation is the New Arbitration” | Sponsored by Fleet Response “Cyclone Season: Proactive Preparation for Loss Minimization” | Sponsored by Prudent Insurance Brokers Ltd. “Subrogation and the Competitive Advantage” | Sponsored by Fleet Response   RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops On-Demand Webinars RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy RIMS Strategic & Enterprise Risk Center RIMS-CRMP Stories — Featuring RIMS Vice President Manny Padilla!   RIMS Events, Education, and Services: RIMS Risk Maturity Model®   Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.   Want to Learn More? Keep up with the podcast on RIMS.org, and listen on Spotify and Apple Podcasts.   Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   About our guest: Tod Eberle, Shadowserver Foundation   Production and engineering provided by Podfly.  

Insider Financial profiles Greenwave Technology Solutions Inc (NASDAQ: GWAV). To get our FREE reports and eBook: https://www.insiderfinancial.com/lp/youtube This video covers GWAV, ASTS, MBIO, ASNS, and DXF. Get Ready For A Major Short Squeeze! Disclosure: ONE22 MEDIA, LLC HAS BEEN COMPENSATED A FEE OF EIGHT THOUSAND USD BY A THIRD PARTY, SICA MEDIA, LLC FOR A ONE DAY GWAV PROFILE. O22 HAS PREVIOUSLY BEEN COMPENSATED A FEE OF TEN THOUSAND USD BY A THIRD PARTY, SICA MEDIA, LLC FOR A ONE DAY GWAV PROFILE. O22 HAS PREVIOUSLY BEEN COMPENSATED A FEE OF TEN THOUSAND USD BY A THIRD PARTY, SICA MEDIA, LLC FOR A ONE DAY GWAV PROFILE. Insider Financial is not an investment advisor; this video does not provide investment advice. Always do your research, make your own investment decisions, or consult with your nearest financial advisor. This video is not a solicitation or recommendation to buy, sell, or hold securities. This video is our opinion, is meant for informational and educational purposes only, and does not provide investment advice. Past performance is not indicative of future performance. For more information, please read our full disclaimer: https://insiderfinancial.com/disclaimer/ S&p 500, Dow, Nasdaq, SPY ETF, QQQ ETF, quantum computing stocks, Spac stocks, AI stocks, Bitcoin, crypto, Bitcoin stocks, crypto stocks, short squeeze, short squeeze stocks, low float, low float stocks, lithium stocks, ev stocks, small caps, trading, otc stocks, otc stocks list, penny stocks, penny stocks list, NASDAQ penny stocks, NYSE stocks, NYSE penny stocks, biotech stocks #smallcapstocks #pennystocks #shortsqueeze

Insider Financial profiles Unusual Machines (NYSE: UMAC) and discusses the bird flu trade and how to play it. To get our FREE reports and eBook: https://www.insiderfinancial.com/lp/youtube This video covers NNVC, NVDA, DDD, SFIX, ASNS, CORZ, UMAC, BNED, IMMR, NVAX, CVAC, GOVX, DYAI, BIXT, AEMD, ISPC. #1 Low Float On The NYSE and Playing The Bird Flu Trade! Disclosure: ONE22 MEDIA, LLC HAS BEEN COMPENSATED A FEE OF TEN THOUSAND USD BY A THIRD PARTY, INTERACTIVE OFFERS, LLC FOR A ONE DAY UMAC PROFILE. O22 HAS BEEN COMPENSATED A FEE OF TEN THOUSAND USD BY A THIRD PARTY, INTERACTIVE OFFERS, LLC FOR A ONE DAY NNVC PROFILE, WHICH HAS EXPIRED. O22 HAS PREVIOUSLY BEEN COMPENSATED A FEE OF NINETEEN THOUSAND USD BY A THIRD PARTY, INTERACTIVE OFFERS, LLC FOR 2 ONE DAY NNVC PROFILES, ALL OF WHICH HAVE EXPIRED. Insider Financial is not an investment advisor; this video does not provide investment advice. Always do your research, make your own investment decisions, or consult with your nearest financial advisor. This video is not a solicitation or recommendation to buy, sell, or hold securities. This video is our opinion, is meant for informational and educational purposes only, and does not provide investment advice. Past performance is not indicative of future performance. For more information, please read our full disclaimer: https://insiderfinancial.com/disclaimer/ S&p 500, Dow, Nasdaq, SPY ETF, QQQ ETF, quantum computing stocks, Spac stocks, AI stocks, Bitcoin, crypto, Bitcoin stocks, crypto stocks, short squeeze, short squeeze stocks, low float, low float stocks, lithium stocks, ev stocks, small caps, trading, otc stocks, otc stocks list, penny stocks, penny stocks list, NASDAQ penny stocks, NYSE stocks, NYSE penny stocks, biotech stocks #smallcapstocks #pennystocks #birdflu

Insider Financial profiles NanoViricides, Inc. (NYSE American: NNVC). To get our FREE reports and eBook: https://www.insiderfinancial.com/lp/youtube This video covers NNVC, NVDA, DDD, SFIX, ASNS, and CORZ. New Highs Coming? This Biotech Runner Is Back On Our Radar! Disclosure: ONE22 MEDIA, LLC HAS BEEN COMPENSATED A FEE OF TEN THOUSAND USD BY A THIRD PARTY, INTERACTIVE OFFERS, LLC FOR A ONE DAY NNVC PROFILE. O22 HAS PREVIOUSLY BEEN COMPENSATED A FEE OF NINETEEN THOUSAND USD BY A THIRD PARTY, INTERACTIVE OFFERS, LLC FOR 2 ONE DAY NNVC PROFILES. Insider Financial is not an investment advisor; this video does not provide investment advice. Always do your research, make your own investment decisions, or consult with your nearest financial advisor. This video is not a solicitation or recommendation to buy, sell, or hold securities. This video is our opinion, is meant for informational and educational purposes only, and does not provide investment advice. Past performance is not indicative of future performance. For more information, please read our full disclaimer: https://insiderfinancial.com/disclaimer/ S&p 500, Dow, Nasdaq, SPY ETF, QQQ ETF, quantum computing stocks, Spac stocks, AI stocks, Bitcoin, crypto, Bitcoin stocks, crypto stocks, short squeeze, short squeeze stocks, low float, low float stocks, lithium stocks, ev stocks, small caps, trading, otc stocks, otc stocks list, penny stocks, penny stocks list, NASDAQ penny stocks, NYSE stocks, NYSE penny stocks, biotech stocks #smallcapstocks #pennystocks #stockstowatch

Subscriber-only episodeCobra Trading Click the link and get 33% off commissions for life as well as one month of free DAS Trader PlatformEdgeToTrade Use coupon code FRIENDLYBEAR15 for 15% off EdgeToTrade, the financial research platform for traders.Dilution Tracker Click the link and get 10% off of Dilution TrackerTraderSync Use coupon code FRNLYBR for 15% off monthly, 55% off yearly for TraderSync trading journal software TradeIdeas Use coupon code FRIENDLYBEAR for 15% off TradeIdeas real-time data stock scannerDisclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.Support the show

NETSCOUT recently announced findings from its DDoS Threat Intelligence Report. The findings demonstrate how sophisticated cybercriminals have become at bypassing defences with new DDoS attack vectors and successful methodologies. "By constantly innovating and adapting, attackers are designing new, more effective DDoS attack vectors or doubling down on existing effective methodologies," said Richard Hummel, threat intelligence lead at NETSCOUT. "In the first half of 2022, attackers conducted more pre-attack reconnaissance, exercised a new attack vector called TP240 PhoneHome, created a tsunami of TCP flooding attacks, and rapidly expanded high-powered botnets to plague network-connected resources. In addition, bad actors have openly embraced online aggression with high-profile DDoS attack campaigns related to geopolitical unrest, which have had global implications." NETSCOUT's Active Level Threat Analysis System (ATLAS™) compiles DDoS attack statistics from most of the world's ISPs, large data centres, and government and enterprise networks. This data represents intelligence on attacks occurring in over 190 countries, 550 industries, and 50,000 autonomous system numbers (ASNs). NETSCOUT's ATLAS Security Engineering and Response Team (ASERT) analyses and curates this data to provide unique insights in its biannual report. When I hear phrases such as DNS water-torture attacks and carpet-bombing attacks on the rise combined with a new Netscout Threat Intelligence report, I immediately reached out to my go-to guy for cybersecurity threats. Richard Hummel rejoins me on Tech TAlks Daily to discuss the news in more detail and demystify some of the terminologies around the threat landscape.

  IT & Telecom the Backbone of the Bitcoin Network   In this episode Jon talks with IT expert @SalGood HODL about the backbone of the Bitcoin network, the global telecommunications network. Jon and Sal cover the history of telecommunications and information technology and its journey from telegraph to the infinitesimally complicated network of fiber, copper/aluminum, and satellites that comprise the internet.    They discuss the organizations the govern or run the internet like: ICANN (Internet Corporation for Assigned Names and Numbers) a non-profit based in California, IANA (Internet Assigned Numbers Authority) run/owned by ICANN who are responsible for allocation of IP addresses and Autonomous System Numbers, root domain name system and top-level domains. Jon & Sal describe the Regional Internet Registry. They are the 5 regional organizations around the globe that facilitate the allocation of IP addresses and ASNs to local registries and ISPs. RIRs are independent of ICANN and supervised/guided by the Number Resource Organization, which is an unincorporated international organization. The 3-Tier ISP system is covered by Sal. The 3-Tier ISP system consists of  Tier I — backbone providers who own/operate high speed/bandwidth, multi-continent networks, transoceanic cabling and do not pay or charge data transit fees with their like-peers. Tier 2 — Typically regional/national ISPs pay for transit and peering with tier I and tier 2 providers, customers are typically large organizations and tier 3 ISPs. Tier 3 — Primarily engaged in providing Internet access to consumers and businesses in localized areas, they pay access and transit from tier 2 providers. IPv4 address space are described. An IPV4 looks like AAA.BBB.CCC.DDD where each block can be a number between 0-255 there are 232 total addresses, roughly 4.2 billion addresses. Nearly 600 million are reserved, so about 3.7 billion usable on the Internet and nearly 100% are already allocated globally.  The IPv6 address space looks very complex. It uses hexadecimal notation 0-9+A-F, blocks of zeros can be omitted 2 28 total addresses. If you assumed each star had 10 planets, each galaxy had 100 billion stars, and the universe had 100 billion galaxies, there would be roughly 3.4 quadrillion (1000 trillion's) IPv6 addresses for each planet. What makes the Internet? Layers like in a cake or maybe the Taco Bell 7-Layer Burrito. l . TCP/IP Model — Less complex than OSI l. Network Connection Layer 2, Internet Layer 3. Transport Layer 4, Application Layer 2. OSI Model — 7 layers, breaks TCP/IP layers into more parts l. Network Connection Layer —+ Physical layer and Data Link Layer Internet Layer —9 Network Layer Transport Layer —+ Transport, Session and Presentation Layers 4, Application Layer —+ Application Layer Sal describes how systems and applications communicate by laying out the Application Layer Protocols. Like spoken languages, these protocols have grammar rules; a vocabulary that create standards to convey meaning between parties. Different protocols are optimized for purpose specific communications. Bitcoin is protocol optimized for secure communication of value between parties.   Show guest   twitter - @SalGoodHODL twitter - @JonPDiGiacomo   twitter - @MaxBitbuybit twitter - @bitbuybitpod Website - https://ungovernablemisfits.com       As always please feel free to reach out and ask me any questions.   Today you can exchange $1 for 4785 Sats (Sale ends soon.)   Thank you Foundation Devices for sponsoring the show.  Use code BITBUYBIT at check out for $10 off your purchase    

Coast 2 Coast Season 3 Episode 2 : Brandon's NLP Breakdown In this episode: The fellas breaks it down for an article on ASNs! Making a point' don't just believe everything you read or are told by media. Do yourself a favor, research first! Thanks for joining us this week and we hope to see ya next time! https://www.seattletimes.com/seattle-news/law-justice/eviction-of-wa-anti-government-extremist-gives-window-into-sovereign-citizen-movement/ contact: farris@coast-2-coastpodcast.com For info on becoming an American State National: https://tasa.americanstatenationals.org https://www.mystatusselect.com is a 'fast track' to getting your status corrected right away! Judge Anna Von Reitz book, "You know somethings wrong when..." http://www.annavonreitz.com/order.html Also check out: asnsecure.com Visit our Shopify: https://coast-2-coastpodcast.com/ https://linktr.ee/C2CPodcast1 Smule group on FB: https://www.facebook.com/groups/1654381394909853 https://www.buymeacoffee.com/Coast2CoastShow Our Podcast operates from donations/contributions provided through the link above, and we greatly appreciate everyone who has been able to help out, but please do not feel pressured. You being here with us each and every week is the greatest reward. We thank you for your continued support and would love it if you could like, subscribe, comment, and share our Podcast so we can reach more people and open more doors. --- Send in a voice message: https://anchor.fm/goodolboysoundroom/message Support this podcast: https://anchor.fm/goodolboysoundroom/support

Rogers Communications, the Canadian ISP is down. One of its ASNs (they have many) is AS812 with over 5 million IP addresses. Tried a few and none of them can be pinged from the US (not sure if ICMP is disabled or not) This is a huge deal for all Canadians and businesses affected. So sorry for every one who is affected by this, and kudus to all the engineers at Rogers working to fix this for the past what? 11 hours now? If an ASN goes dark like a Facebook or a Cloudflare that isn't a big deal you can go without using Facebook for a day. But if this is your ISP's ASN that connects you to the rest of the World goes down, actual users won't be able to connect. We still don't know the cause but my guess it might be a bad BGP entry? that's what happened to Cloudflare or FB, could be something different. again so sorry for all my Canadian followers affected. Will make a video when I get a chance Resources https://www.bigdatacloud.com/asn-lookup/AS812 https://www.bigdatacloud.com/asn-lookup/AS7018 --- Support this podcast: https://anchor.fm/hnasr/support

Podcast Episode! Sapphire Orlando Reactions From Bowdorks  Money QuotesTim ChampagneIs this just another fragmentation of apps out there? [re: iOS app announcements]Kyle BitsonIf you look at what's happening in the world…supply chain issues…they're more relevant than they have been in a long time. It's striking a balance between the technical upgrade and unlocking the new features and showing business value to your end users. [re: finding out about SOAR]James WoodIt's amazing to me in 2022, we're still having conversations about on-boarding suppliers and figure out how to trade ASNs. It feels very antiquated.The elephant in the room: it's incredibly complicated. The number of new technologies in play for an S/4HANA implementation. This was never going to be smooth.Paul ModdermanFor good or for ill — I don't know — the act of doing things sustainably is entirely in the hands of customers and clients taking the actions. [re: SAP forays into sustainability]I was hooked — that was telling me what actually happens with SAP solutions! I could literally imagine buying the pizza in the store with the app. [re: Casey's pizza story]

Šta je minimalna cena rada? Kako sprečiti partijsko zapošljavanje i diskriminaciju? Kakav je položaj radnika u Srbiji? Zašto niko ne kontroliše inostrane kompanije?Koliko ljudi radi na crno? Zašto sem 1. maja, nema sindikata na ulici? Zašto je malo sindikata u privatnim firmama? Kolika je stvarno nezaposlenost?

IP reconnaissance is often the base and a starting point of any security research or bug hunt. This is simply because scanning any IP address can lead you to an individual host in question, and once you've found the host, the possibilities are limitless. From there you may find running services, open ports, databases, unsecured files and much more. Everything begins with finding and scanning the IP address. Doing this is relatively easy for smaller organizations; looking up the ASN of an organization often nets you almost all of its IP addresses. When looking at larger organizations, however, you can get multiple departments running on different network spaces, ASNs and locations with tens and thousands of IPs. Some larger organizations like IBM, Amazon, Ford Motor Company have /8's of their own which is approximately 16777216 individual IPv4 addresses. Scanning and finding open ports and services on half a million IPs or even, say, 10,000 IPs (which is commonly seen at many larger organizations) is quite a time consuming and difficult task. But not all hope is lost! Some tools like our own Securitytrails Surfacebrowser, actively scan and gather information for you, empowering your security research and IP reconnaissance in literally seconds. How to perform IP reconnaissance for Bug Bounty Hunting Let's see how anyone can perform a complete IP reconnaissance using Surfacebrowser, our all-in-one surface analysis tool: To begin your IP reconnaissance, first head over to your user area and log into your account. Once logged in, click on "Access Surfacebrowser" on the left-hand side or load this URL:/ In our example, we'll be scanning the company domain "ge.com" From the left-hand sidebar, select "IP Blocks" under the "IP Addresses" heading: Give it a few seconds for Surfacebrowser to generate your report, after which you'll see all the IP addresses associated with the company GE: As you can see, the IP blocks along with IP counts, RIR, open ports, hostnames and apex domains hosted on those IP addresses are also revealed. Looking further into per-IP information with Surfacebrowser Scanning the IP 1.1.1.1 as an example, Surfacebrowser now shows you a summary of all the available information, and allows you to jump from one tab to another to discover even more details: Domains The Domains tab lists the number of domains associated with this IP address, current, active domains on the IP address and past domains, domain history associated with the IP address. Ports History The Ports History tab lists ports that were open in the past (and might still be open), or are closed now and when they were last seen open. P2P The P2P tab lists any peer-to-peer activity which may have occurred on or via this IP address, including data such as date, torrent, category and source. Open Ports and Software The Open Ports and Software section lists services and applications running as well as each open port found on the IP address. Services and applications include web servers, DNS servers such as Nginx, Unbound (DNS-Server), other services like HTTP proxy and more. DNS This section lists all associated forward DNS and reverse DNS addresses and information for the IP address. ASN This section indicates which autonomous system number (ASN) the IP address belongs to, helping to further trace out associated IP ranges and network uplinks, providers. Latest Seen Certificates The last or latest seen certificates seen on this IP address, the port it is assigned to, location and validity are indicated in this area. Combined, the above information gives you a great headstart into gathering information about the IP address in question. What about IP neighbors? Sometimes an IP address might not have much to offer, simply because it could be well secured or running nothing of value to the investigation. On the other hand, its neighbours might be running services of interest, and finding these IP neighbors is super easy with the Surfacebrowser tool as well: We f...

ARIN is the official network numbers register for IPv4 and IPv6 addresses, as well as ASNs, for North America. The IPv6 Buzz crew talk with Mark Kosters, ARIN's CTO, about its role in providing IPv6 address resources, policy, and advocacy.

ARIN is the official network numbers register for IPv4 and IPv6 addresses, as well as ASNs, for North America. The IPv6 Buzz crew talk with Mark Kosters, ARIN's CTO, about its role in providing IPv6 address resources, policy, and advocacy.

ARIN is the official network numbers register for IPv4 and IPv6 addresses, as well as ASNs, for North America. The IPv6 Buzz crew talk with Mark Kosters, ARIN's CTO, about its role in providing IPv6 address resources, policy, and advocacy. The post IPv6 Buzz 033: ARIN’s Role In IPv6 Address Allocation appeared first on Packet Pushers.

ARIN is the official network numbers register for IPv4 and IPv6 addresses, as well as ASNs, for North America. The IPv6 Buzz crew talk with Mark Kosters, ARIN's CTO, about its role in providing IPv6 address resources, policy, and advocacy. The post IPv6 Buzz 033: ARIN’s Role In IPv6 Address Allocation appeared first on Packet Pushers.

Ladies and Gentleman thank you for listening to a brand new episode of All Steak No Sizzle. On this episode Im offering help. Help for those who want to free themselves from the pain and agony that comes from being a Detroit Lions fan. I see people jumping off of the bandwagon and I want to help those who are fed up. I discuss my frustrations with this organization and how I change my NFL viewing habits to actually enjoy watching football. Let the hate flow thru you and join me.

Gwen is the mother of Claire and Lola, teenagers with asparagine synthetase deficiency or ASNS.  Both Claire and Lola have microcephaly as a result of ASNS. Despite this, they have filled their family and community with love. Finding Happiness and Joy The Unexpected For Gwen and her husband, there was no cause for concern while starting their family.  They had one boy, born typically. Gwen’s tests and scans all came back normal during her second pregnancy as well.  However, when Claire was born, it was apparent something was wrong. Gwen recalls, “There was no reason to believe anything was going to happen.  I had a pretty uneventful labor, and she was born, and instantly everyone freaked out...they were pretty concerned and called in all the specialists to give her a thorough exam.” “It Happened Again” Doctors were unable to find the cause of Claire’s microcephaly and assured Gwen and her husband that there was a 25% chance of it happening again.  Confident it wouldn’t happen again, they got pregnant.  At first all of the scans came back normal.  It wasn’t until she was 22 weeks pregnant there started being concerns.  When Gwen was 26 weeks along, they confirmed microcephaly for Lola, her unborn child.  Claire had this to say about it, “I don’t know if I’ve cried as much in my whole life as I did those 24 hours after Lola was diagnosed.  It just felt so unfair to have to go through it again..we really, truly thought we had a 75% chance or greater that everything would be fine.” Choosing Life Even though her obstetrician didn’t push for termination of her pregnancy, he encouraged Gwen to look at all her options.  Gwen recalled what happened, “I just remember going back to my OB who said, ‘you guys have been through an awful lot. Look Gwen, you have options, and I’m not going to judge you guys whichever option you take, but I would encourage you to check out every option.’...and I did exactly what he said.” Gwen did her research.  She talked with people who had been through similar situations, visited websites, and read testimonials.  She said the following, “Who am I to play God? I was given this child for a reason; why am I to change this path?” She chose life! A decision to this day she would choose over and over again. Finding the Reason It had taken years to find the reason behind Claire and Lola’s microcephaly.  After sending blood into different research hospitals, they finally had a definitive answer.  Her daughters have Asparagine Synthetase Deficiency or ASNS.   Since getting a diagnosis, Gwen has created a Facebook page.  This page has helped other parents connect and find support in each other. Gwen had this to say, “It has been really neat to connect with these other families and see the similarities..How nice is it to know another family who understands what we are going through.” Sleep is Hard When asked what some of the challenges for Claire and Lola are Gwen mentioned a few things.  The first being the ability to control the girls’ seizures and the other is sleep. “I can’t say that nighttime is normal because they don’t sleep steadily.” Gwen said.  Lola requires constant supervision while sleeping. Usually there is a nurse who stays with her to help monitor her sleep and seizure activity.  “Typically Atypical”  Life with Medically Complex Children “There is nothing typical about any of my days, nor are any two days the same..the tricky part is we have PT, OT, speak technology and we have a vision therapist who comes and two teachers who come, so that’s like seven people who are trying to come Monday-Friday every single day.” “We try to squeeze stuff in for our son.  A lot of times in the evenings he’ll have basketball games or practices, or we go with him to the gym..we try to have as much normalcy for him as we can.  We’ve always tried to do that. We are a pretty close knit family; we just like spending time together.” Gwen said. “Life is Special and Perfect and Wonderful Exactly the Way it Is”

As security professionals, we’re relied upon to protect our networks from malicious traffic. But what’s the best strategy for determining the most likely sources of risky traffic? Is it safe to assume that traffic from certain countries is more suspicious than others, or that some hosting infrastructures are more likely to be compromised? With a growing consensus that IP blocklists are rapidly becoming obsolete, a more sophisticated approach is needed. Our guest today is Dr. Bill Ladd, chief data scientist at Recorded Future. He’s the author of the report, "From Chasing Risk Lists to ASN Policies: Large-Scale Analysis of Risky Internet Activity." The report takes a data-driven look at a variety of ways to determine risky ASNs and IP addresses. In this episode Bill Ladd gives us an overview of his team’s research and findings.

As security professionals, we're relied upon to protect our networks from malicious traffic. But what's the best strategy for determining the most likely sources of risky traffic? Is it safe to assume that traffic from certain countries is more suspicious than others, or that some hosting infrastructures are more likely to be compromised? With a growing consensus that IP blocklists are rapidly becoming obsolete, a more sophisticated approach is needed. Our guest today is Dr. Bill Ladd, chief data scientist at Recorded Future. He's the author of the report, "From Chasing Risk Lists to ASN Policies: Large-Scale Analysis of Risky Internet Activity." The report takes a data-driven look at a variety of ways to determine risky ASNs and IP addresses. In this episode Bill Ladd gives us an overview of his team's research and findings.

This episode is brought to you by money. We start the show off by discussing the big money fight announced this weekend between Conor McGregor and Floyd "Money" Mayweather. We ask the question if you only have money for 1 boxing pay per view are you watching Conor vs Floyd or Canelo vs GGG? We also review and breakdown Smackdown Live's Money In The Bank . We share our thoughts on the Women's and Mens MITB winners. We breakdown Jinder Mahal vs Randy Orton and does Jinder's title rein open up the door for the first African American WWE World Champion? Many other topics come up such as the tag team division, Lana's first singles match, the appearance of Mike and Maria Kanelis, etc. Check out the show on Soundcloud, iTunes, Stitcher, Blubrry , and Google Play. http://www.stitcher.com/podcast/devin-mckenzie/all-steak-no-sizzle https://itunes.apple.com/us/podcast/all-steak-no-sizzle-podcast/id1200982007?mt=2 https://www.blubrry.com/all_steak_no_sizzle/ Follow Devin https://www.instagram.com/allsteaknosizzle/ https://twitter.com/devinthe63 https://www.facebook.com/asnspodcast/# asnspodcast@gmail.com Follow Kyle J Campbell https://www.instagram.com/teamkayos/ https://www.facebook.com/thegreat.k.campbell https://www.youtube.com/channel/UC4rCRzhZWg7otTrlPkb_Nwg Follow Kyle Collison https://www.facebook.com/kyle.collison.75?ref=br_rs https://www.instagram.com/detroitnokout/ https://twitter.com/detroitnokout Follow the show https://twitter.com/ko3cpod https://www.facebook.com/ko3cpod/# ko3cpod@gmail.com

On this episode Kyle Collison and Devin take a trip to Michigan Top Team to chat with Mo and Munib who will be fighting at the Deltaplex in Grand Rapids, MI were KNOCKOUT PROMOTIONS presents KOP:56. We discuss various topic such as there time at Michigan Top Team, cutting weight, preparing for a fight during Ramadan, the Michigan MMA scene, and both gentleman called out some possible future opponents. Spoiler......CM Punk's name came up. Listen to this show on iTunes, Google Play, Stitcher , and Soundcloud. Subscribe, Follow, Like and Share on all platforms Follow All Steak No Sizzle and KnockOuts & 3 Counts https://twitter.com/ko3cpod https://twitter.com/devinthe63 https://www.facebook.com/asnspodcast/?ref=aymt_homepage_panel# https://www.facebook.com/ko3cpod/# Munib https://www.instagram.com/godzilla125/ https://www.facebook.com/munib.alsalmani?fref=pb&hc_location=friends_tab&pnref=friends.recent Mo https://www.instagram.com/alshatrimma/ https://twitter.com/alshatrimma https://www.facebook.com/profile.php?id=100001907746263&lst=504196586%3A100001907746263%3A1497491929&sk=about Kyle https://twitter.com/detroitnokout KnockOut Promotions https://www.instagram.com/kopromotions/ https://www.facebook.com/KOPROMO/# Michigan Top Team https://www.michigantt.com/

On this week's episode I am joined by the fellas from the soon to be released podcast Knockouts & 3 Counts Kyle and Kevin. Both gentlemen have appeared on the before to talk about wrestling and mma. The fellas and myself breakdown this past weekends action from UFC 212 and WWE Extreme Rules. We also talk about what to expect from the KO3C Podcast.

Welcome to episode 35. The Ultimate Kendrick Lamar Album!!! I am joined by Hip Hop artist G. Infinite as we debate which songs belong on the Ultimate Kendrick album. G and I also talk about his soon to be released album "The Formula" and the singles off of his project. We were also joined by our good friend Ken " The Slanderer" and previous ASNS guest Seath Johnson. Ken and Seath served as judge and audience to the debate between G.infinite and myself. Listen and enjoy the debate. Share your thoughts and opinions on our choices. I will also share a link of the playlist for Tidal, Spotify and YouTube( some of the songs for the new album "Damn" may have been removed by youtube). Make sure you follow everyone on social media and subscribe to the show. Links will be found below YouTube Playlist; https://www.youtube.com/playlist?list=PL5Q1QuxZqPBBgMNp8taDkiSpiMhoVUAZl G. Infinite's Youtube page (subscribe) https://www.youtube.com/channel/UCA1aX-viI6o9qd0TMBMS-dA G.Infinite's Instagram https://www.instagram.com/ocgi1/ Spotify Link for the playlist https://open.spotify.com/user/1235751061/playlist/609JfWuA3aDp3PYlXzaxpP

On this episode Q from The Critical Dump Podcas has joined me to break down the top 5 sports moments of 2016. Make sure you share yours and let me know what your think about our list.

On this episode I welcome journalist and co host of The Corner Podcast Kel Dansby. We break down ort top 5 upsets and top 5 albums of 2016. We also jump in to some very interesting conversations about Kanye West, Donald Trump, and various other topics. I also welcome my girlfriend Markie on the show to give her top 5 movies of 2016. Make sure you share your Top 5's as well

Lady and gentleman I have the quarterback of the Pod Fam Mr. John Salvatore aka John Salway, aka Cuban Roast, aka Blatino Keanu Reeves for @thejohneffect . This is the first of the 2016 wrap up show. John and I lay out the top 5 music artist and the top 5 tv series of 2016. Make you share your top 5 list. You can do so on the All Steak No Sizzle Facebook page. You can hit me up on twitter or instagram @ devinthe63. Or shoot an email to the show at asnspodcast@gmail.com.

Ladies and Gentlemen.....on this week's episode I recap my trip to Sacramento for the #UFConFox. I give my brief thoughts on #StarWarsRougeOne, #J-Cole, #ChildishGambino, and #BrunoMars. I will also preview the 2016 wrap up shows. Ill announce the various top 5 list categories and what guest will join me for those categories. And I ask Lions fans if they believe their team will make the playoffs and win the division.(make sure you share your opinion). Make sure you LIKE, FOLLOW, COMMENT, REPOST. Hit me up on the world wide internets and social media. You can find me on Instagram and Twitter @devinthe63 Email the show at asnspodcast@gmail.com Follow the All Steak No Sizzle Facebook page https://www.facebook.com/asnspodcast/?ref=aymt_homepage_panel#

This week we Have a conversation with DAPL protest organizer Frances Diane. Frances will enlighten us on the situation going on in North Dakota and across the country with oil pipelines, fresh water, and the plight of the Native American people. Also I will preview the 2016 wrap up show coming soon. Shout out to The Pod Fam #weallwin,

Welcome to episode 12. This week I have Mohammad Cherri on the show. Mohammad is a very knowledgable young man who is here to share some much need information about the situation going on in North Dakota , the Sioux Native American and the Dakota Access Pipeline. Make sure you LIKE, REPOST, SHARE, and COMMENT. Follow Mohammad Cherri: https://www.facebook.com/profile.php?id=100008925405465 also follow Mohammad's Facebook group Indigenous Rights Alliance #nodapl #standingrock Follow The show on Facebook: https://www.facebook.com/asnspodcast/# Twitter: https://twitter.com/devinthe63 instagram: @devinthe63 email: asnspodcast@gmail.com

I hope everyone had a safe and happy Thanksgiving. On this weeks show i give a quick rundown of my trip to Mississippi for Thanksgiving. The main part of the show is a conversation with previous guest Bryant "Beans" Veal. This was recorded in early October. In this conversation we discussed various topic relating to the city of Charlotte North Carolina including the NBA All Star Game, Protest, Cam Newton, and Police Brutality. Thank you all for checking out the show. If you would like to share your thought on this or any or any other episode feel free to check out the All Steak No Sizzle Facebook page. You can reach me on twitter and instagram @devinthe63 . You can email the show at asnspodcast@gmail.com If you are looking for a nice barbershop/salon in the Detroit area check out The Artisan Room Detroit on Facebook. And on December 16th and 17th check out " Do You Hear What I Hear?" a Christmas concert in Farmington Hill, MI at the Costick Activity Center. Tickets are $15 at the door or you can buy them in advance. For more information contact Frances at (248)924-0604.

On this weeks show I will give my thoughts on Mr Kanye West. I breakdown my plans for Thanksgiving(my favorite holiday). Ill give a quick preview not this years slate of Thanksgiving Day Football. I give a shout out to The Pod Family. And preview future episodes and topics coming soon. Make sure you follow, like, comment and share this and all episodes. Let me know what you have planned for Thanksgiving or if you listen to this after Thanksgiving how it went. I wish everyone a Happy Thanksgiving and if you are traveling like I am be safe and make it to your destinations and home in one piece. If you are in the Detroit area make your you support and check out The Artisan Room Detroit Salon. You can find the link to there Facebook page on the All Steak No Sizzle Facebook page.

On this weeks show I break down the Detroit Lions season so far and give predictions on how the final 7 games will play out. I will hand out various awards such as MVP, rookie of the year, and etc as well. Also I share some thoughts on the new Tribe Called Quest album and send an open letter to two of my favorite hip hop groups, Slum Village and Little Brother. And at the end I am joined by a very very special guest.

This week on BSDNow, we've got voting news for you (No not that election), a closer look at This episode was brought to you by Headlines ARIN 38 involvement, vote! (http://lists.nycbug.org/pipermail/talk/2016-October/016878.html) Isaac (.Ike) Levy, one of our interview guests from earlier this year, is running for a seat on the 15 person ARIN Advisory Council His goal is to represent the entire *BSD community at this important body that makes decisions about how IP addresses are allocated and managed Biographies and statements for all of the candidates are available here (https://www.arin.net/participate/elections/candidate_bios.pdf) The election ends Friday October 28th If elected, Ike will be looking for input from the community *** LibreSSL not just available but default (DragonFlyBSD) (https://www.dragonflydigest.com/2016/10/19/18794.html) DragonFly has become the latest BSD to join the growing LibreSSL family. As mentioned a few weeks back, they were in the process of wiring it up as a replacement for OpenSSL. With this latest commit, you can now build the entire base and OpenSSL isn't built at all. Congrats, and hopefully more BSDs (and Linux) jump on the bandwagon Compat_43 is gone (http://lists.dragonflybsd.org/pipermail/commits/2016-October/624734.html) RiP 4.3 Compat support.. Well for DragonFly anyway. This commit finally puts out to pasture the 4.3 support, which has been disabled by default in DragonFly for almost 5 years now. This is a nice cleanup of their tree, removing more than a thousand lines of code and some of the old cruft still lingering from 4.3. *** Create your first FreeBSD kernel module (http://meltmes.kiloreux.me/create-your-first-freebsd-kernel-module/) This is an interesting tutorial from Abdelhadi Khiati, who is currently a master's student in AI and robotics I have been lucky enough to participate in Google Summer of Code with the FreeBSD foundation. I was amazed by the community surrounding it which was noob friendly and very helpful (Thank you FreeBSD We will run two storage controllers (ctrl-a, ctrl-b) and a host (cln-1). A virtual SAS drive (da0) of 256 MB is configured as “shareable” in Virtual Media Manager and simultaneously connected with both storage controllers The basic settings are applied to both controllers One interesting setting is: kern.cam.ctl.harole – configures default role for the node. So ctrl-a is set as 0 (primary node), ctrl-b – 1 (secondary node). The role also can be specified on per-LUN basis which allows to distribute LUNs over both controllers evenly. Note, kern.cam.ctl.haid and kern.cam.ctl.ha_mode are read-only parameters and must be set only via the /boot/loader.conf file. Once kern.cam.ctl.ha_peer is set, and the peers connect to each other, the log messages should reflect this: CTL: HA link status changed from 0 to 1 CTL: HA link status changed from 1 to 2 The link states can be: 0 – not configured, 1 – configured but not established and 2 – established Then ctld is configured to export /dev/da0 on each of the controllers Then the client is booted, and uses iscsid to connect to each of the exposed targets sysctl kern.iscsi.failondisconnection=1 on the client is needed to drop connection with one of the controllers in case of its failure As we know that da0 and da1 on the client are the same drive, we can put them under multipathing control: gmultipath create -A HA /dev/da0 /dev/da1 The document them shows a file being copied continuously to simulate load. Because the multipath is configured in ‘active/active' mode, the traffic is split between the two controllers Then the secondary controller is turned off, and iscsi disconnects that path, and gmultipath adapts and sends all of the traffic over the primary path. When the secondary node is brought back up, but the primary is taken down, traffic stops The console on the client is filled with errors: “Logical unit not accessible, asymmetric access state transition” The ctl(4) man page explains: > If there is no primary node (both nodes are secondary, or secondary node has no connection to primary one), secondary node(s) report Transitioning state. > Therefore, it looks like a “normal” behavior of CTL HA cluster in a case of disaster and loss of the primary node. It also means that a very lucky administrator can restore the failed primary controller before timeouts are elapsed. If the primary is down, the secondary needs to be promoted by some other process (CARP maybe?): sysctl kern.cam.ctl.ha_role=0 Then traffic follows again This is a very interesting look at this new feature, and I hope to see more about it in the future *** Is SPF Simply Too Hard for Application Developers? (http://bsdly.blogspot.com/2016/10/is-spf-simply-too-hard-for-application.html) Peter Hansteen asks an interesting question: The Sender Policy Framework (SPF) is unloved by some, because it conflicts with some long-established SMTP email use cases. But is it also just too hard to understand and to use correctly for application developers? He tells a story about trying to file his Norwegian taxes, and running into a bug Then in August 2016, I tried to report a bug via the contact form at Altinn.no, the main tax authorities web site. The report in itself was fairly trivial: The SMS alert I had just received about an invoice for taxes due contained one date, which turned out to be my birth date rather than the invoice due date. Not a major issue, but potentially confusing to the recipient until you actually log in and download the invoice as PDF and read the actual due date and other specifics. The next time I checked my mail at bsdly.net, I found this bounce: support@altinn.no: SMTP error from remote mail server after RCPT TO:: host mx.isp.as2116.net [193.75.104.7]: 550 5.7.23 SPF validation failed which means that somebody, somewhere tried to send a message to support@altinn.no, but the message could not be delivered because the sending machine did not match the published SPF data for the sender domain. What happened is actually quite clear even from the part quoted above: the host mx.isp.as2116.net [193.75.104.7] tried to deliver mail on my behalf (I received the bounce, remember), and since I have no agreement for mail delivery with the owners and operators of that host, it is not in bsdly.net's SPF record either, and the delivery fails. After having a bunch of other problems, he finally gets a message back from the tax authority support staff: It looks like you have Sender Policy Framework (SPF) enabled on your mailserver, It is a known weakness of our contact form that mailervers with SPF are not supported. The obvious answer should be, as you will agree if you're still reading: The form's developer should place the user's email address in the Reply-To: field, and send the message as its own, valid local user. That would solve the problem. Yes, I'm well aware that SPF also breaks traditional forwarding of the type generally used by mailing lists and a few other use cases. Just how afraid should we be when those same developers come to do battle with the followup specifications such as DKIM and (shudder) the full DMARC specification? Beastie Bits Looking for a very part-time SysAdmin (https://lists.freebsd.org/pipermail/freebsd-jobs/2016-October/000930.html) If anyone wants to build the latest nodejs on OpenBSD... (https://twitter.com/qb1t/status/789610796380598272) IBM considers donating Power8 servers to OpenBSD (https://marc.info/?l=openbsd-misc&m=147680858507662&w=2) Install and configure DNS server in FreeBSD (https://galaxy.ansible.com/vbotka/freebsd-dns/) bhyve vulnerability in FreeBSD 11.0 (https://www.freebsd.org/security/advisories/FreeBSD-SA-16:32.bhyve.asc) Feedback/Questions Larry - Pkg Issue (http://pastebin.com/8hwDVQjL) Larry - Followup (http://pastebin.com/3nswwk90) Jason - TrueOS (http://pastebin.com/pjfYWdXs) Matias - ZFS HALP! (http://pastebin.com/2tAmR5Wz) Robroy - User/Group (http://pastebin.com/7vWvUr8K) ***

On this episode I welcome the lovely Ms. Toni Dixon to the show to discuss the racial issues in our country. This is the first of of a 2 part conversation with Toni so stay tuned for the second part.

On this weeks episode I welcome my good friend Bryant "Beans" Veal. We talk about being fans of Pro Wrestling and how that morphed into a love of MMA. Beans and I give our impression on the the progression of the sport and the current state of business. Finally we breakdown the future fights and give out predictions for this weekends ufc204

After a great night of Ufc fights at the Quicken Loans Arena in Cleveland me and Mike hop in the car and make our was back home to Detroit. This episode is a conversation between the 2 of us discussing the ufc 203, wrestling, cm punk, the city of Cleveland, 9/11 and various other topics that come up on our trip. So buckle up and come along for the ride with us. Make sure that you like, subscribe, follow, comment. Follow me on twitter and instagram at devinthe63. Check out the All Steak No Sizzle Facebook page. If you have comments, questions, or suggestions for future episodes email me at asnspodcast@gmail.com

On this episode I will preview the 2016 NFL season. I will give my predictions on the division winners, wild card teams and the Super Bowl winner. I will also breakdown the Detroit Lions chances going into the season. I will also preview this weekends exciting UFC 203 card. Check out the All Steak No Sizzle Podcast Facebook page: https://www.facebook.com/All-Steak-No-Sizzlee-Podcast-794531137349982/?ref=bookmarks Check out my Twitter and Instagram : @devinthe63 If you are looking for a logo or graphics hit up Chris Wade @ goldhooligan on instagram If you need voice over work hit up my boy Julian Smith on twitter @juliansmithvo or check out his website juliansmithvo.com.

ASNS EPISODE 2 by All Steak No Sizzle Podcast

This is the first of many episode of the All Steak No Sizzle Podcast. On this episode I will give the listeners an idea of what to expect from the show. We lay down the foundation of the ASNS show.

Slides here: https://defcon.org/images/defcon-22/dc-22-presentations/Mahjoub-Toonk-Reuille/DEFCON-22-Mahjoub-Reuille-Toonk-Catching-Malware-En-Masse-DNS-IP-Style-UPDATED.pdf Additional Materials available here: https://defcon.org/images/defcon-22/dc-22-presentations/Mahjoub-Toonk-Reuille/DEFCON-22-Mahjoub-Reuille-Toonk-Catching-Malware-En-Masse-DNS-IP-Style-WP.pdf Catching Malware En Masse: DNS and IP Style Dhia Mahjoub SENIOR SECURITY RESEARCHER, OPENDNS Thibault Reuille SECURITY RESEARCHER, OPENDNS INC Andree Toonk MANAGER OF NETWORK ENGINEERING, OPENDNS The Internet is constantly growing, providing a myriad of new services both legitimate and malicious. Criminals take advantage of the scalable, distributed, and rather easily accessible naming, hosting and routing infrastructures of the Internet. As a result, the battle against malware is raging on multiple fronts: the endpoint, the network perimeter, and the application layer. The need for innovative measures to gain ground against the enemy has never been greater. In this talk, we will present a novel and effective multi-pronged strategy to catch malware at the DNS and IP level, as well as our unique 3D visualization engine. We will describe the detection systems we built, and share several successful war stories about hunting down malware domains and associated rogue IP space. At the DNS level, we will describe original methods for tracking botnets, both fast flux and DGA-based. We use a combination of fast, light-weight graph clustering and DNS traffic analysis techniques and threat intelligence feeds to rapidly detect botnet domain families, identify new live CnC domains and IPs, and mitigate them. At the IP level, classical reputation methods assign “maliciousness” scores to IPs, BGP prefixes, or ASNs by merely counting domains and IPs. Our system takes an unconventional approach that combines two opposite, yet complementary views and leads to more effective predictive detections. (1) On one hand, we abstract away from the ASN view. We build the AS graph and investigate its topology to uncover hotspots of malicious or suspicious activities and then scan our DNS database for new domains hosted on these malicious IP ranges. To confirm certain common patterns in the AS graph and isolate suspicious address space, we will demonstrate novel forensics and investigative methods based on the monitoring of BGP prefix announcements. (2) On the other hand, we drill down to a granularity finer than the BGP prefix. For this, we zero in on re-assigned IP ranges reserved by bad customers within large prefixes to host Exploit kit domains, browlock, and other attack types. We will present various techniques we devised to efficiently discover suspicious smaller ranges and sweep en masse for candidate suspicious IPs. Our system provides actionable intelligence and preemptively detects and blocks malicious IP infrastructures prior to, or immediately after some of them are used to wage malware campaigns, therefore decisively closing the detection gap. During this presentation, we will publicly share some of the tools we built to gather this predictive intelligence. The discussion of these detection engines and “war stories” wouldn’t be complete without a visualization engine that adequately displays the use cases and offers a graph navigation and investigation tool. Therefore, in this presentation, we will present and publicly release for the first time our own 3D visualization engine, demonstrating the full process which transforms raw data into stunning 3D visuals. We will also present different techniques used to build and render large graph datasets: Force Directed algorithms accelerated on the GPU using OpenCL, 3D rendering and navigation using OpenGL ES, and GLSL Shaders. Finally, we will present a few scripts and methods used to explore our large networks. Every concept is intended to detect and highlight precise features and will be presented with its corresponding visual representation related to malware detection use cases. Dhia Mahjoub works on research and development problems involving DNS, security, big data analysis, and networks. He focuses on building fast predictive threat detection systems based on the monitoring and analysis of traffic and hosting infrastructures. Dhia holds a PhD in Computer Science from Southern Methodist University, Dallas with a specialty in graph theory applied on Wireless Sensor Networks. He has a background in Computer Networks with experience in writing sniffers and port scanners among other things. Dhia presented his research at BSides NOLA, APWG eCrime, BSides Raleigh, BotConf, BSides San Francisco, ISOI 13, SOURCE Boston and will be talking at the upcoming BSides NOLA and VirusBulletin. He is also member of the non-profit security research group MalwareMustDie helping track botnets and other malicious sources on the Internet. Twitter: @DhiaLite Thibault Reuille is a Security Researcher at OpenDNS Inc. His research is mainly focused on big data visualization. At a very young age, Thibault fell in love with the demo scene and everything related to computer generated art. He started to teach himself 3D graphics and went to EPITA school in Paris, France. He later joined the LSE, the computer security laboratory, for a total period of 4 years where he spent a lot of time breaking everything he could. He built a solid knowledge of reverse engineering, pen-testing, secure programming, exploit writing and many other (in)security related techniques. After obtaining his master's degree in 2010. Thibault decided to move to California and accepted a position at Nvidia Corporation. This is where he had the chance to refine his 3D graphics knowledge and to dig deep inside the GPU mechanisms and the OpenGL API. He stayed at this position for 4 years. Finally, Thibault found a new job at OpenDNS Inc. as a Security Researcher and has been working there since June 2013. He is developing a 3D engine capable of rendering large amount of data and extract intelligent patterns from it using advanced graph theory. He believes the combination of visualization, distributed computing and machine learning is the key to take computer intelligence to the next level. Thibault has given several presentations in world renowned conferences, such as: CanSecWest Vancouver (March 14, 2014) BSides SF (February 23, 2014) BayThreat 4 (December 6, 2013) You can consult some of his work here: http://labs.umbrella.com/author/thibault/ And some of his artsy work here : http://thibaultreuille.tumblr.com/ Twitter: @ThibaultReuille Andree Toonk is the manager of network engineering at OpenDNS. At OpenDNS Andree is responsible for the OpenDNS global Network architecture, development, implementation and operations of the OpenDNS infrastructure. Managing all aspects:transit, peering, anycast, DDOS mitigation, facilities, routing, switching, firewalls, etc. Andree is the founder and lead developer of BGPMon.net, where he specializes in BGP routing and BGP security incidents such as routing hijacks and large scale outages. Andree received his M.Sc. degree in System and Network Engineering from the University of Amsterdam. He has presented about network security at network engineering conferences around the world such as Nanog and Terena and Canheit. Twitter: @atoonk