Podcasts about bluekeep

  • 58 PODCASTS
  • 129 EPISODES
  • 35m AVG DURATION
  • INFREQUENT EPISODES
  • LATEST: Nov 18, 2020

Latest podcast episodes about bluekeep

ProactiveIT Cyber Security Daily
Episode 250 - Nearly ¼ million Windows machines are still vulnerable to BlueKeep

Nov 18, 2020 22:24


Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 250. It is Wednesday November 18th 2020. I am your host Scott Gombar and Nearly ¼ million Windows machines are still vulnerable to BlueKeep. This podcast is brought to you by Nwaj Tech, a Client Focused and Security Minded IT Consultant based in Central Connecticut. You can visit us at nwajtech.com

  • Cisco Releases Security Updates for Security Manager
  • Chrome 87 released with performance boost and security fixes
  • Firefox 83 boosts security with HTTPS-Only mode, zero-day fix
  • Phishing emails double in November in run-up to Black Friday and Cyber Monday
  • Google confirms Chrome crashing bug on Macs with Apple CPUs
  • Hackers are actively probing millions of WordPress sites
  • Office 365 phishing campaign detects sandboxes to evade detection
  • Coil payments platform leaks user emails in 'Privacy Policy' update
  • Ransomware attack forces web hosting provider Managed.com to take servers offline
  • More than 245,000 Windows systems still remain vulnerable to BlueKeep RDP bug
  • North Dakota and Delaware State Departments Report Breaches of PHI
  • Ransomware Attacks Impact First Impressions Orthodontics, Kids First Dentistry & Orthodontics, and Hendrick Health Patients

Security Stories
19: Finding your own voice, with Javvad Malik

Nov 9, 2020 69:14


Our guest today is one of the security industry's most prolific video bloggers, Javvad Malik. Javvad has a signature fresh and light hearted take on security, and during this interview he talks about how he found his own voice. He also has plenty of advice for our audience on how to put a great presentation together to keep your audience engaged.

In addition, Javvad's story on how he got into the security industry, and the people who helped him along the way, is well worth a listen to. Plus, we discuss the "Zombieland" rules for Security, and find out what kind of movie Javvad would make if he was put in charge of such a thing.

Also in this episode, we bid a fond farewell to Noureen who is moving on to an incredibly exciting new adventure. Before she goes however, she has some wonderful words of inspiration and wisdom for our listeners.

And finally Ben has some brand new threat research for us. He's here to tell us all about Remote Desktop Protocols. We examine the ways in which RDP has been a target of bad actors over the years, covering unauthorized logins, man-in-the-middle attacks, and vulnerabilities, including the ‘wormable’ BlueKeep exploit. You can learn more about this research at https://blogs.cisco.com/security/rdp-and-the-remote-desktop

Episode time stamps:

  • 0.00 - 14.16: Intro and saying goodbye to Noureen
  • 14.17 - 54.50: Interview with Javvad Malik
  • 54.51 - 67.54: Threat of the month (RDP attacks) with Ben
  • 67.55 - 69.09: Closing words

Craig Peterson's Tech Talk
Welcome! The Insecurity of DNS over HTTPS, Internet Archive's VHS Vault, Data Minimization and more on Tech Talk with Craig Peterson on WGAN

Mar 27, 2020 89:41


This week is a replay of the show aired originally on 7 Mar 2020.

Welcome! We are going to hit a number of topics today from the world of Technology. I am quite disappointed with Mozilla, they are letting marketers and politicians define their technology. Listen in to find out why I feel that way. Compliance is an issue for many companies and I have some solutions that will help you and it includes a diet but probably not the kind you are thinking. Do you ever get nostalgic for "the good old days?" Well, I have something that might help, listen in to find out more. I will tell you what happened to one of the Sharks from Shark Tank, how you can prevent it from happening to you, and more. For more tech tips, news, and updates visit CraigPeterson.com

Related Articles:

  • Getting Your Fix of Nostalgia
  • Don’t Store Data You Don’t Need
  • Cryptocurrencies and Insurance Increases Ransomware Profitability
  • Are you Secure -- Depends on Many Things
  • You Don’t Have Much Time To Stop An Attack
  • Hackers Target Large Databases
  • Anyone Can Be A Victim - Business Email Compromise Does Not Play Favorites
  • DNS over HTTPS (DoH) is not the Panacea the Marketers Are Leading you to Believe

Automated Machine Generated Transcript:

Hello everybody, Craig Peterson here on WGAN and, of course, online at Craig Peterson, dot com and heard streaming all over the world on your favorite streaming site. I'm so glad to be here today and be able to talk with you a little bit about what are the top news stories this week? How can you keep safe that's kind of one of my themes because I freaked out when my company got attacked some years ago. You know, just a regular business guy trying to run a small business and man did hurt me bad back in the day. I'm just trying to get all of the information I've put together over the years and learn, and I continue to study this stuff and continue to look at what are the best ways to defend ourselves. 
I try and get all of that and put it together into neat packages for you. One of them, of course, is the radio show. I also get on with Facebook Lives. YouTube lives, and also do various types of pieces of training and tutorials and things out there. Where in fact, for the next course I have coming up, we're going to have implementation calls, where we are talking specifically about what to do when you do it. So you try and implement something, you have some issues. I'm going to get on the phone with you guys. So I think that's going to be great. And then the upcoming class here in a few weeks. And then, of course, the tutorials leading up to that class where I'll take your questions live, sometimes those little tutorial sessions on, you know what it's webinar technology. On these webinars, sometimes we go a couple of hours so I can answer all of your questions. That's what it's about here. All right, because I understand most people, not I know I'm this way too. I get contacted by somebody, and they're trying to sell me something that happened just over the weekend. Last weekend somebody knocked at the door, trying to sell windows, right. I think it was like Renewal by Andersen or something like that. And they were walking around knocking on doors. I see you know, immediately just knee jerk said, No, No thanks, my windows are fine. It got me to thinking about the whole situation in the security realm. Because that's what we do, right? What we've been doing for years decades, sometimes we have the antivirus software, every once in a while when we hear about a real big vulnerability, we go ahead and apply patches. You know, it's been the same old, same old, but we just can't do that anymore. And because really, we see huge, huge problems and businesses going out of business because of them. So that's what this is all about. So if you're a new listener, welcome. If you've been listening to me for a while, of course, Welcome, Welcome to you too. 
And I want to get this information out. So one of the best ways to make sure you have all of the latest information you need is to go online go to Craig Peterson dot com slash subscribe, and that'll get you on my email list. Then once you're there, you will be able to keep up on up to date on things I do, try and get those out. I have a newsletter that's every Saturday morning. Then when I'm doing training, I'll send something that's a little out of the band if I'm doing a live or various other things. I thought because of the way it works with the emails I send out, if you want to unsubscribe, you will be guaranteed to never hear from me again. Maybe that's a great thing that is right for some people. But for other people, I came to realize that perhaps they didn't care about the training, they just wanted the newsletter, or perhaps they wanted the pieces of training but didn't want any emails. Some wanted on courses but not other courses, etc., etc. So I'm going to try and do something a little bit different right now, and there's a pretty nasty warning as a footnote. If you unsubscribe, I can't send you anything anymore. I won't send you anything even if you want a course, you'll not hear from me again, because you unsubscribed and marked as somebody that doesn't ever want to hear from me again. That's fine. I know we all have our lives, and maybe you think you're safe enough. Perhaps you're going to reach out to me when everything falls apart around you. At which point, I can't respond to you because I will have your email blocked. That is because I don't want to bother you. I want to comply with the CAN-SPAM Act. Although, you know, most people don't seem to care about that as well as the GDPR. Also, The New California regulations, the Massachusetts regulations, and new federal regulations that are going into effect. They all place requirements on when and where I'm not supposed to contact you. If you say No. Then No means no, right. 
I'm going to change things a little bit with these upcoming training and courses that I'm going to be doing. I'm going to make it so you can just unsubscribe from those, so you're not going to lose contact with me. I've had some people complain, and in the end, it becomes a bit of a pain to try and add them back in. We're going to try and make this a little bit easier for you guys, so keep an eye out for that. You already know right based on what I'm saying, as well as what I've done in the past that I won't spam you guys, I don't sell your name to other people your email address. Most of you I know are kind of the older generations, the younger guys they don't care we've already talked about that. They will sell their email address and name for a donut. But us older folk were a little bit more cautious about it. I think that's probably a good thing. We're less likely to get ripped off the senior population in some ways less likely to get ripped off, and other ways more likely get ripped off. It's interesting. Again, we tend to trust phone calls more. You know what I have, frankly, I don't answer my phone anymore. It just goes to voicemail. And I have somebody else look at it because there are so many scams coming in. But we tend to trust the phones more in the generation, you know, the men and women older than me, other baby boomers, they are a little bit more susceptible to those types of scams. So be careful with those types of scams as well just you know, be careful all the way around, frankly. And that brings us to our first story of the day today. And this is something I found that I thought was cool. So I thought I'd share it with you. It's a tech thing. I was just a few weeks ago talking on the radio. One of the radio shows I appear on as a guest. And we were talking about Betamax versus VHS. And I knew I knew that the radio host I was talking to there's no way he just loves tech. There's no way he did not have Betamax. And he did. 
He had hundreds, apparently of beta tapes in his closet. But this is all about that era of the 1990s. I'm sure you guys had VCRs right back in the day. And of course, the winner of that war was VHS, and it wasn't because it was better technology, but we're not going to delve into that right now. And those VHS tapes, at this point, about 20,000 of them have been put into an online vault. Now, if you've never used the Wayback Machine, you have to check it out. You can find it online. At archive.org, that's the name of it. It is an Internet Archive, and it shows web pages going way back, you can look at my web page from back in the very, very, very early days of the Internet. When you know, love the not the Internet, but of when the whole web thing came about, which was '92, '93 is when it started to go. I didn't have a webpage back in 85. When I first registered my domain that's been around for a while. And then, of course, I was using other domains. Before that, I've used my ham radio call sign is my domain. And before that, but the Wayback Machine is this archive, you can browse the history of any major site, many minor sites that are out there. They have used it in court cases. It's used by me, just for kind of memories of things as the way they were. Now you can use it for something brand new. I didn't know that they had, and that is they've got something out there on the Wayback Machine that's called the VHS vault V-H-S just like the VHS tapes that we had or that Ken didn't have because he had Betamax. Right now, I'm looking at says there are almost 21,000 results. So they've taken these VHS tapes that were submitted, and they have effectively ripped them. They've turned them into digital video, right. And some of these are just amazing, like a warm-up to Traci Lords. It's an exercise program. Of course, Traci Lords was involved in some adult films back in the day. Man, I love this Mystery Science Theater 3000. 
Timothy Leary is a guest on MTV with John Lennon, Les Miserables from 1935, Rush to Judgment. There are so many cool things, The Lion King in full VHS tapes. Now some of this information is probably still copyrighted, but as a general rule, archive.org doesn't get nailed for copyright violations. SpongeBob SquarePants Oh, this is the Fairy Fairy Godmother I think is what this cartoon was called and trying to remember my kids used to like it. Some bootleg tapes, everything, but you can find it online I think you would have a gas looking through these. I want you to go to archive.org as you're listening to the show, or maybe some other time during the week, you're sitting there watching some TV with your smartphone or your computer. Archive.org and look for the VHS vault. The actual URL is archive.org slash details slash VHS vault. You will see all kinds of fun stuff that's in there. They have many different collections You can search this you can go in by year when they did it. They have Flemish dog collection. There's another one. There are collections I've used in some of the training videos I put together. There are collections of old black and white art, and pencil art, and engineering diagrams that are well, well out of copyright and you'll find all that stuff at archive.org. Check it out, I think you will have a gas checking it out. If you're like me, it's certainly brought back a lot of memories. When we get back, we're going to be talking about something that you should be doing, whether you're a home user or business user. You know, the things that we have to be worried about are the things that can be stolen from us, right, in the online world. Okay, this is what we will be talking about. What can be taken from us, but also what can be used to kind of hold our feet to the fire in ransomware. So we're going to talk about how to reduce your risk with Craig Peterson here on WGAN Stick around. We'll be right back. 
Hey everybody Craig Peterson back here on WGAN online, and of course, at Craig Peterson dot com. Yeah, you know it by now, right? Well, hopefully, you had a chance to look at archive.org, definitely check it out. It's called the Wayback Machine, at least that was its original name. And they may still have that domain, the Wayback machine.com. But now it's known as archive.org. It is a wonderful, wonderful trip down memory lane, at least for me. If, if you are a little bit older, you might remember the Internet back in the days fun looking at some of the original search pages at AltaVista. Man, I miss AltaVista. I used to like to use the Boolean algebra that you could do in AltaVista. By the way, if you are a geek like me when it comes to searching and you want to be able to dig into it. There's a tool I use, and I think that you'd like it also. It's not cheap, that's for sure, but not that expensive either, but it's called DEVONthink, D-E-V-O-N T-H-I-N-K. It allows you to set up searches using all kinds of Boolean constructs, which is very, very, very handy, at least as far as I'm concerned. You can set it up to do automatic search sets every day looking for different things. It's one of the tools I use to find the information that we talk about here on this show because so much of it just isn't generally speaking, available. It certainly isn't spoken about by the mainstream media, right? You know that right. That's why you listen to the show and why you follow me. I am on LinkedIn. I'm on Facebook. I'm on Twitter, YouTube, and my website as well. I appreciate all you guys who do follow and who comment. Now, if you're a business person, this is for you, but there are some things that you can do as an individual as well that are going to make a big difference for yourself and your safety online. Businesses are concerned about the GDPR, which we've talked about on the show before. That's the European privacy regulation. We're also very concerned right now with CCPA. 
I just had a company that makes optics. I use their optics here in the studio if you have ever seen me on a webinar or one of these videos or pop up training or anything. I'm in the studio, and my cameras here the lenses use the glass made by this company. I had no idea, but they reached out to us due to their operations in California. They have a sales operation there because, again, they're selling their optical glass for use in lenses, and all kinds of other devices. They reached out because they were concerned about what is happening, what could happen with these new California privacy regulations? Is it going to mess up their business? How is it going to mess up their business? How is it going to make things better or worse? I think they had some outstanding questions. So they called us in, and they paid us to do an audit of the systems they have. How are the systems working? What is it that we need to be worried about? You know, it's something that takes a few weeks and a couple of on-site visits in New York? New York State, which by the way, is going to have their own set of privacy regulations that are going to affect them pretty dramatically. But basically, what it came down to was if they were compliant with the European regulations, they were probably most of the way towards the California regulations. So they think that they're compliant. But when we got in and started having to look at it, it turned out No, no, no. They are not anywhere near compliant with either set of regulations. Even though their IT people told them they are because they have full-time programmers who are programming their systems. They thought, Oh, no, no, we're fine. We're fine. No, they weren't. So what do you do if your regular business? Enough moaning and groaning about the optical manufacturer, who has fantastic optics, which is why I use them. Let's talk about you. 
Let's talk about your business, your small business, your larger business, this is true, you should be paying attention if you are a medium or large business as well. One of the best things you can do, and it is hard to get through to a lot of CEOs and other business owners. But one of the best things you can do to reduce your risks is to reduce the data that you are maintaining. Right? If you want to reduce the chance of getting shot at, don't go out in the streets where they're shooting, right? If you want to reduce the risk of having your data stolen, then don't have the data out there for them to steal. If you don't want to get nailed by one of these new regulations, that says, hey, personally identifiable information has to be maintained in this way and that way. If someone asks you what data do you have on me? Do you realize now you only have one week to respond? You must provide that data to them. If you have any sort of a California Nexus or European Nexus, in other words, doing business in either one of those places. Now, it's down to I think five days it's not a week to respond, saying, Here's all of the data that we have about you. That's what you have to be able to do. We have to be able to do it right now. You also have to be able to tell them, here are all of the people within my organization as well our contractors that saw your data and had access to your data. That is a very, very big deal, frankly. The landscape is constantly changing your obligations for that data, and the data disclosure and the data-keeping keeps getting more strict. What's the right thing for you to do? Ultimately, well, it's to get rid of the damn data, right? It's a very, very solid first step in reducing your risk. Now I'm going to be publishing next week, a little guide that you can use yourself, right, you don't have to have me involved, or anything else is just for you, that you can use to do an inventory of all of the data that you have in your business. 
What we've done is we've gone through and looked at different parts of the businesses that we've worked with over the years and evaluated the kind of data they often have. You have to do that first, right? You must identify what your risks are. You must determine what data you have. I'll make that available for those people on my email list. It will be part of this ramp-up here, a precursor to the pieces of training that I will be doing. There will be different free pieces of training and tutorials in my ramp-up to my courses. You don't have to be in the course to participate in the free tutorials, okay? You don't have to buy anything from me. It is all free, no hype or anything else. Okay. I'm not trying to hard-sell anybody I want to help you. That is the first step -- doing this inventory the data you have, and it is one of the best things you can do. Put your company on a data diet. Now, you know, last week we had Barry Friedman on the show, talking about a sugar diet. Right. It's a lot like that, and it's getting rid of these addictive pieces of data that we keep on our clients on our prospects, everything else that's out there, right. Let's look at it as a lens. When you're looking at your data when you're doing an inventory of these data assets, ask yourself, do I need this? Will this provide what I need? Think about maybe like a food diet as Barry does with sugar? Do I need sugar? We know is sugar going to provide us the nutrients that we need? The answer to that is no. When it comes to sugar, right. We found that out from Barry last week. But we need to work to minimize sensitive data and ask ourselves, do we need this sensitive data to conduct business right now? And will we need this sensitive data to conduct business in the future? If the answer's no, securely dispose of that data. It is the only way to comply with these regulations that are already in place here in the US and Europe as well. 
All right, when we get back, we're going to talk about how did we get here? How did we? How did ransomware grow to be a multi-billion dollar industry? What did we do to get here? What should we do to try and get beyond all of this? You're listening to Craig Peterson on WGAN. And of course online at Craig Peterson. dot com, live on youtube, live on Facebook everywhere out there. Stick around. We'll be right back. Hey, welcome back, everybody, Craig Peterson here on WGAN, and of course online at Craig Peterson dot com. In case you missed it. We've been busy today talking about the internet archives VHS vault. Again, that's archive.org. Check it out. It is kind of cool. We just talked about reducing risk using the cheapest mechanism possible. Data minimization will save you money and help you be compliant. Now I'm going to talk about ransomware. We've been warned recently about ransomware's rise. Many people thought it's kind of past. In some ways, it has. 2018 was kind of the banner year for the standard ransomware that out there, but it is back, and it is back with a vengeance. We talked about some of the statistics about a month ago and showed how it had gone up a bit almost doubled just between the third and fourth quarters last year, which is just absolutely dramatic. I had a course before, where we talked a little bit about backups. I've certainly talked about it here on the show before, and how backups help stop ransomware. Let's just spend a couple of minutes on that right now, although it's not 100% accurate anymore. It is essential to do for just a whole plethora of reasons. Backups are kind of the very first stage of what you need. I read an article yesterday from a guy who is in some of the highest circles in the country. He had the phone numbers, the direct cell numbers of presidents and you name it, really just anybody who's anybody was on his phone. It was an Android phone. He had assumed that it was backed up into the cloud or something. 
His phone broke. He got a new phone and realized at that point that his phone had that never, ever, ever, been backed up. He lost the phone numbers from all of these people. Good luck getting them back, cell phone numbers, other contact information. Think of all the things that are on our phones nowadays. Losing your phone, having a hard disk crash on your laptop, or your desktop computer. Losing those can be devastating, no question about it. If you're a larger business and you think that you're doing backups, double-check them. I'd say three times quarters of the time, and I can't think of an exception to this, your backups will not work correctly for that business. I've never seen a case where all backups are working correctly, ever, ever going into a business. I know you, Craig, you're just crazy. It's silly. You're trying to build a business and scare people. No, I have never walked into a company and found their backups to be working correctly. We see things like, and I don't mean, they're not working in a way that is ideal or optimal for the business. Right? Certainly that on top of it. I mean, they weren't working. We had one company that we went into, and they were dutifully doing backups, and the operations manager had five external hard disks. Every day he brought a hard drive in, he plugged it into the server and took it home at the end of the day. So we had Monday through Friday, hard disks that you brought back home with them. So they were off-site, which is, you know, great idea, by the way. The server itself had a RAID configuration on it and is called a raid five. It had three hard disks so that if a drive failed, they wouldn't lose all of their data. We went in because they wanted to do some upgrades. They hoped to move over to Apple infrastructure, where people could use iPads and iMacs on their desks to have a better working environment for everyone by moving away from windows. By the way, this is an excellent idea. 
They still had some Windows software that they had to run, so we helped them with that and got that all working running correctly. The backups you know, they were trying to do the right thing. But you know, you know what, there were a couple of problems one, their server had not written to any of those external disks for the last 18 months. They went a year and a half without ever having had a good backup. Think about that. What would happen to that business? What would happen to your company? After 18 months of no good backups and losing all your data? Oh, and their server, an HP server, that cute little HP server had that RAID array, right a raid five where you can lose a disk and not lose data. Well, they had lost a drive. We were estimating based on the logs about a year before. There they were with no backups and no redundancy in their server disks on their server. That's an example right now, and I could go on and on. We had a company division of a Fortune 100 company that had paid for backups, and they had a dedicated data line. We put some next-generation firewalls in place that monitored the data and watched for data exfiltration to make sure that the plans and designs and social security numbers and bank accounts and everything were not being stolen or taken off off-site, right. Guess what we found there? After six weeks of monitoring everything that's been going on because that's the first step right. Let's make sure we understand what the normal operations are. Didn't you tell us that you had an off-site backup of your mini computer going to another backup site? Oh, yeah, yeah, we do. It gets backed up in real-time. We're paying for the backups to go off-site. If something were to happen to our facility here, or to our computer, which is a big server, then they'd take over immediately we'd be off and running during those six weeks that we were in there we hadn't been involved with these operations. Ultimately, we were in there for decades. 
Guess what we found? Yeah, exactly. None of the backups were occurring. They were paying for all of these things, right? They were paying for them. What we ended up doing is we came in, and we made sure that backups were happening. Unfortunately, they didn't have us do those backups. The company doing it for them was incompetent. And yet they decided to have them continue to do it. It doesn't make sense. We took over the rest of the backups. We had equipment on site, which we do at most of our clients. In case there's a problem, there are failovers that can occur. In this case, we'd have them back online in four hours, a requirement of publicly traded companies and their divisions. Again, they're just not doing anyways. Ramble. Ramble. Wow, we've only got a couple of minutes left here in this segment. When it comes to backups, here's what you have to be careful of, and that is, make sure they are happening. Check the backups. Try and restore from your backups. Now, we're talking about ransomware. It is a seven and a half-billion-dollar industry. They are coming for you, and one of the best things you can do is have a backup. Still, there's another side to ransomware, nowadays, that backup won't help you with, and that is that they have your data, and they hold a ransom saying, if you don't pay us, we're going to release this onto the Internet. Then you're in real trouble. If you have personally identifiable information, or if you have your intellectual property out there, and it gets out to the Internet because you don't pay that ransom, you are in real trouble, plus if they encrypt your data, you'll need that backup. All right, stick around. We will be right back. And we're going to be talking about our next topic for the day, which is how do you answer a non-technical executive, who asks, how secure are we? You're listening to Craig Peterson on WGAN and online at Craig Peterson dot com. Hey, have you ever been asked that question? 
Well, we'll tell you about how to answer it, coming right up. Hey, welcome back, everybody, Craig Peterson here on WGAN and online, of course at Craig Peterson dot com. No surprise there. Our next one is an interesting article and poses an interesting question. It is one that I'm sure you ask or have been asked, right? How secure are we? You are the cavalry, is the bottom line. You're the person who your family comes to, or the business owner comes to, the business asks whenever they have a tech question, right? You wouldn't be listening otherwise. It is how you get ahead. It is how you learn. You listen to me and others, read articles. You are the cavalry. How does the cavalry answer that question, when you're asked, How secure are we? You know, there's the obvious answer. Well, you know, we got this, and we got that. We have an Anti-virus, and we have a firewall. Those, frankly, are buzzwords that many of us use just to obfuscate the real answer to that question. I know that many times when we go into a business, and we secure it, we put together a proposal. Most of the time, our recommendations are not accepted. Most of the time, when we go into a business, and we say, here's what you need. Here's what you need to do to stay secure, they say No, thank you, and prefer to run with blinders. Hopefully, they won't stumble in the middle of the night get or tossed by that horse, of just kind of ignoring it, right. Blinders or maybe you might want to call it ostrich-ing and to put their head in the sand or whatever, you want to call it, But most of the time, in reality, the businesses just don't do anything. Sometimes they do, right. That's how I stay in business. I stay in business because of the companies that want to remain secure. I stay in business because of the people that are the cavalry. 
They're like you, who want to buy my courses to understand more, to get step-by-step instructions, to know not just the stories behind things but the strategy and the exact tactics that they have to take. And that's you, I suspect, right? I think you're probably a lot like me in that way. That's how I like to learn, and that's how I teach as well. Well, this article is from our friends over at Dark Reading. And the question is, uh, how secure are we? And how should we answer that? There's a great response by Kurtis Minder, the CEO and co-founder of GroupSense. He says it depends. You've got to look at your executive team and qualify their level of understanding. Answering the question with the answer of well, we have antivirus, we have a firewall, and we have mail filters. You know, a lot of people nowadays say, "well, we're in the cloud," and there's nothing to worry about, which we already know, isn't true, right? There's way more to worry about if you're in the cloud than if you have a local server. For those of you who are the kind of computer security people for your organization, addressing this requires finding out where they are coming from and who they are comparing to. For instance, is it to what the Payment Card Industry PCI-DSS says we're supposed to do? Are we supposed to compare ourselves to the HIPAA-HITECH regulations? In other words, we have some medical data, which by the way, every company does, if you have any sort of a health insurance program, right? Are we supposed to compare ourselves to the NIST 171 standard? There's even more: there is the CMMC. There are a lot of different criteria that are out there. You must understand the HOW before you answer this question. How secure are we compared to similar companies in our industry? Or companies that are similar in size to us? No matter how you're going to answer that question, when the boss comes a-knockin' or the kids or your wife comes a-knockin' saying, How secure are we?
No matter who it is you're talking to, I think the one thing you have to make sure of is that they understand that the whole security threat landscape is fluid. It's always changing, and your security programs need to be fluid as well. That's the reason I have consulting clients, right. That's the reason I have a membership program. The people who are the cavalry can follow and understand what it is they need to know. Now I want to hop over to this other guy here. His name is Matt Combs. And he is a global cybersecurity practice leader for an executive recruiter called Russell Reynolds Associates. It is absolutely a phenomenal interview on CIO.com. He's saying many companies were blissfully unaware, especially those that don't have credit card information. How many times have I said that, right? It takes at least six months for the average company to figure out a breach occurred. Why did Matt say, especially those that don't have credit card information? It's because if they have credit card information, that information is likely to be sold on the open market very quickly. Once sold, the credit card companies are going to notice, right? Many companies have only learned that a breach occurred after the FBI came knocking on the door and told them they had a problem. Look at Home Depot. What happened? The FBI traced the dots. Home Depot was compromised through their point of sale equipment. Can you believe that? People sitting in the parking lot of Home Depot hacked them? They didn't even know it until the FBI knocked on the door. That's a pretty big deal, on a pretty big company. I think they are the second-largest retailer in the country? When it comes to dollar-to-dollar value? Are you sold? Okay. If you don't have the credit card information, how would you even know that a breach happened? It ties back into the fluidity of security. It seems so obvious. Now when you look back at Home Depot and say, What were they thinking?
I look at Target, the TJX Companies, and their hack. They had security equipment, and that security equipment was quite good. It was alerting them, "whoa, wait a minute, guys, we've got a breach, okay." Did they take care of it? No, because they didn't know how to read the output, and they didn't have enough people to look at the logs, which is something else we keep telling you all. You have to watch the logs. You have to watch them closely. It's a full-time job. It's a highly skilled job, a highly trained job. It is not cheap, okay. I know a hotel company with 500 hotels in the United States, of course, you can look that up to find out who it is. They have a chief information security officer who is an information security group of one. Think about that: 500 hotels, just the business itself, all of the data that they have, the liability that they have, and he doesn't have anyone working for him. Not even a support person. He has to beg, borrow, and steal help from IT and from the CIO, the Chief Information Officer. So when the executive asks you how secure are we, you have to say, Hey, listen, you know we can lock down the doors, we can lock down the windows, but the odds are if someone wants to breach us, they will be able to. However, make sure you are locking down the doors and locking down the windows. You got to close it all up. There was one other thing I think you should do when this non-tech executive asks you about how secure we are. That is, what's your nightmare, Mr. Executive? Which systems are you most concerned about being compromised? You should go back to the question I asked a little bit earlier, which is, what data do we have that maybe we shouldn't have? What data do we have that we are most concerned about losing? What are the family jewels in our organization?
What is the data that if we were to lose it, we'd be in a lot of trouble, either because we could not conduct business anymore, or maybe we would get nailed by the regulators out there? Anyway, a lot of really, really good questions to ask because you're never 100% secure. All it takes is for one employee to click on the wrong link on an email. What I was just talking about will come up a little later on today. I talked about it this week on several radio stations. What happened with Barbara Corcoran, an investor from Shark Tank. Stay tuned as we'll talk about it a little bit later on. All it takes, and frankly, employee negligence such as accidental loss of data, accidental clicking on things. Employee negligence is still the main cause of data breaches, in a report from Shred-it. Now, of course, they're in the business of shredding documents, of getting rid of these things. Shredding hard disk drives when you take them out of a computer. Remote workers and external vendors are also now a major cause of the increase in data breaches. That's one of the things we're going to be covering here in my course coming up in a couple of weeks, and that is the upstream-downstream risk. And the US military is totally into this now, because they had two or three major breaches last year that came through vendors. So hackers are no match for human error when it comes to sheer numbers. You also have the insider threats of people who are stealing from you so they can get a better job, take it with them to another job. You have people who are upset with you and are just making an absolute mess of things on the way out the doors. So be very careful about that because it's huge. Data breaches cost an average of $3.6 million, a global average; that was in 2017. Some of those prices have gone up. The faster you respond to a breach, the more money that you'll save. They found that if you can respond to a breach within 30 days, on average, you'll save over a million dollars. Think of that.
The odds are good that you will get breached. You will save, on average, a million dollars. Yet you're not funding the security people either by going to an external contractor, like me, to take care of it for you. Or you don't provide the resources to the internal people they need to do it. It is a huge, huge job. All right, top of the hour, of course, on the radio stations, we've got the news, traffic, weather, all that sort of stuff coming up. Then when we get back, we're going to talk about a new metric in security. The next-gen security metrics. Stick around, and you are listening to Craig Peterson on WGAN and online. Hey everybody, welcome back. Craig Peterson here, on WGAN and, of course, online at Craig Peterson dot com. We have already covered a bunch today. I would refer you over to my website. If you'd like to find out a little bit more, of course, I'm also on the streaming services. You can find it there. We've covered the Internet Archive. They've got this cool, new VHS vault. We discussed ways to reduce your risk of data loss. It's all about identifying your data and then minimizing your data. How we enabled ransomware to become a multi-billion dollar industry. And I also gave some good advice on backups and the fact that 100% of the businesses I've ever walked into have had a failed backup strategy and failed in a bunch of different ways. It is big for all of us who are out there who are members of the cavalry, who are trying to help our friends, our family with their computer issues, and the businesses for whom we work. Then we got to how to answer questions that we get that have to do with our level of security. How secure are we? How secure is the business? That's what we have covered so far today. I love our next topic. It's phenomenal. It's from Threatpost.com. But they're talking about different types of security metrics. Now, metrics, of course, are measurements, or the ways we measure things.
We always have to measure progress to be able to know: have we gotten to where we need to be, right? Progress can be difficult to measure. There are a lot of different types of measurements when it comes to our security. Say for Microsoft Windows, one of the big things is, are you ready every Patch Tuesday? Then a little bit more, as Microsoft sometimes comes with out-of-cycle patches. They got nailed a few years ago, through criticisms about them releasing new patches, like constantly, because they needed to release them. And so instead of fixing their problem, which would be almost impossible to do, and that is rewriting Windows and making it a much more secure design, they decided they would just go ahead and release patches once a month. And that way, of course, you're not getting them every day. So who's going to notice that, in fact, there are a whole lot of vulnerabilities in Windows? So that was another measurement that we had. Did you get your Patch Tuesday stuff done? That's been around a very long time. Well, we've got a new metric here, and it's called hardening. Now, I don't know about you guys, but my wife thinks that most people don't know what the name hardening is. So I'll explain it a little bit. Hardening is where we close holes in our networks and our Windows computers. That's really what our emphasis is going to be coming up here next week when we start our whole hardening series. By the time you finish this series and the courses, you'll be able to lock down any Windows or Mac computer yourself. You are going to be able to lock down your small business network, and you're going to stop worrying about being the victim of the bad guys. We're also going to train you on how to test everything yourself, so that you can make sure that they can't get in, right? If not tested, how will you know it works? It's like I was talking about with backups. How do you know they are working? How do you know it's effective? How effective is it?
So we're going to teach all of that, and I think that's just going to be amazing for you guys, man. We're looking to do something you guys are going to love. Hardening in the case of our computers includes our computers, browsers, firewalls, and routers. In other words, there, we're using all of the options, all of the available software to make sure that bad guys are not easily going to get in. Is our Windows Firewall hardened on our computers? Did you even know you had a firewall on a Windows computer? Well, it's almost useless. Because Windows has a firewall, it is turned on by default, but they have all kinds of services turned on and available to be used. All of these things are kind of crazy. When we get down to it, there are things we can do. That's what we're going to be covering starting in about a week with some of these tutorials. And with our great course that we have coming up. Now, let's talk about what's holding us back and what mean time to harden means. We're looking at vulnerabilities. When we're talking about a zero-day attack, it is one that no one has seen before and where there is not a patch or workaround for it. It's really kind of a nasty thing. When it comes to hardening, you want to make sure that you have as few services as possible on your computer, firewall, and browser. That again makes your attack surface smaller. But when we're talking about those types of zero-day attacks, it typically takes an organization 15 times longer to close a vulnerability than it does for the attackers to weaponize that vulnerability and exploit it. So basically, we're talking about one week for the bad guys to take a vulnerability, one of those zero-day things. It takes one week to weaponize it, and it takes us about 102 days to patch it. Let that sink in for just a minute here. Once vulnerabilities get disclosed, it's a time race here to secure this hole before the bad guys exploit it.
Now we saw that with the Equifax breach, where here's a major, major breach against a major company out there, and it only happened because they hadn't applied the patches that they needed to apply. It's just really that simple. Microsoft has a patch. Let's give an example right now: BlueKeep. BlueKeep is a way to break into Microsoft machines. Microsoft released patches for BlueKeep in the May 2019 Patch Tuesday security fixes. Microsoft released it in May, and as of December 2019, seven months later, there were still over 700,000 machines at risk. Let me see here now: May to June, July, August, September, October, November, December. That, to me, sounds like seven months. That's huge. Sophos has some security software. In their recent report about WannaCry, which is ransomware, the patch against the exploit WannaCry was using has not been installed on a countless number of machines, still, despite being released more than two years ago. It's crazy, isn't it? Do you guys agree with me? Am I just being kind of an alarmist? Now the average time to weaponize this is seven days. Many weaponizations come in less than seven days. Like the infamous Apache Struts vulnerability. You have effectively 72 hours to harden new systems. Now the numbers are even worse when we're talking about incident response. There's a new rule out from a company called CrowdStrike. You might have heard of them before, they've been in the news for some political stuff as well. But they are a security company. They do a lot of investigations after the fact and try to figure out what happened and try and clean things up. CrowdStrike has a new rule. It's called the 1-10-60 rule. And it's based on what they call breakout time. So here's what that is. Most nation-state actors, in other words, the more advanced hackers out there, move laterally from an initial attack within two hours on average. In other words, if there is a country that's coming after you, say, for instance, China.
Most say, now, it isn't like China is going to go after me. I'm not military and not a military contractor. China comes after you to steal your intellectual property. Once they have gotten inside of your network, they will move around inside your system. What this means is it gives defenders of a network one minute to detect a breach, 10 minutes to understand what has happened and that it was a breach, and one hour to contain that breach from the initial incursion. That is huge. Now, this is part of this mean time to hardening and goal response that we're trying to achieve. If you're a regular business, and it's six months before you even notice that a hack occurred, if you ever even notice, which is par for the course, and one that we see quite frequently. We will come in and look for signs of hacking. Many times, companies don't want to know. They just want to know if there are any openings that they should be closing right now. Why? If you see a hack occurred, there are specific legal responsibilities that you have. Companies say, Listen, don't tell me, I don't want to know. Without monitoring and watching what our organizations are doing, if we're not at the very least patching and hardening, we're in real trouble. Now, I know you guys know how to patch; it's not that difficult to do. We're not going to spend a lot of time on that in the upcoming tutorials or courses, but we are going to spend a lot of time in the course on hardening because it is one of your best defenses. It's kind of like having a package on the front porch that was just delivered by Amazon people, right? If there is no package on the porch, the porch pirates are not going to show up to steal the box. It's the same type of thing here. If you do not have services available on your machines inside your network, there is no way for the bad guys to move laterally. There's no way for them to get in remotely. That is our goal in our hardening courses, how to harden your Windows machine.
That's coming up in about a week, week and a half. So make sure you are on my email list. You get all of that free training. You can find out about the courses as well that we are putting together for this. All of that at Craig Peterson dot com slash subscribe. You're listening to me here on WGAN. You can always send questions to me -- me at Craig Peterson dot com. Hey, welcome back, everybody, Craig Peterson online at Craig Peterson dot com and right here on WGAN. I am also putting these up on Facebook and making them available on YouTube, for those that are interested. I want to talk a little bit right now about Clearview AI. You know, again, I've said so many times that we've got to be careful with our data online. Clearview AI is this company that we talked about a few weeks ago, that has been scraping all of the information it could get online, mainly related to photographs. All of the pictures that you posted on Facebook or that you put up on any photo sharing sites, all of that stuff, Clearview scraped. Now, they have this app that allows you to take a picture, and then it will do facial recognition to find all of the places online that that picture appears. And it has been used by, it looks like, more than 2200 different organizations, many of them police departments, to track people down. So if you have a picture, even if it's not a great picture, that picture can then be put into the Clearview AI app. And it'll show you, here you go, here's where we found this guy or gal online. And even if you didn't take the picture, and you are in a photograph, it is going to show up, and Clearview is going to find it. Now, Clearview AI grabbed all of these photographs online without asking permission of anyone. I don't think they asked your permission, did they? They didn't get my permission. They scraped them from Twitter, who they didn't ask permission. They scraped them from Facebook. They scraped them from all over the internet.
They ended up with billions of photographs. They logged it all along with where they found them online. That way, if the police department is looking for this person, they have a photo of them. They can put it into the Clearview AI app and can authenticate where online it was found. And then the police department just goes there and says, Oh, well, that's Mary Jane's homepage. Here's more about Mary Jane, where she lives and everything else, and now off they go to get Mary Jane. Now remember, of course, first off, these things are not 100% accurate. They could be false. There are false positives, although in many cases, they have been very successful at identifying people, and they have helped to solve some crimes, which is I guess a good thing, right. I think that's what you might want to say, okay. In a notification that The Daily Beast reviewed, Clearview AI told them that there had been an intruder that gained unauthorized access to its list of customers, and they got access to many accounts they've set up and the searches they have run. Now, this disclosure also claimed that there was no breach of Clearview AI servers and that there was no compromise of Clearview AI systems or networks. That puzzles me. It makes me wonder, well, maybe they were using a cloud service, and they had it stored up there, and that's how it got stolen. It's hard to say. Clearview AI went on to say that it patched the unspecified hole that let the intruder in and that whoever it was didn't manage to get their hands on their customers' search histories. Now there's a release from a Clearview AI attorney, and his statement said that security is Clearview AI's top priority, which is total crap, right? They did everything they could to breach ethics and security of the user agreements from all of these websites from which they scraped our information. Unfortunately, data breaches, their attorney says, are part of life in the 21st century. Our servers were never accessed.
We patched the flaw and continue to work to strengthen our security. All of this is in a report on naked security dot com. Now, this, frankly, is very concerning to me from several different standpoints, right. First of all, Clearview AI had this massive database of facial images that they had sold to hundreds of law enforcement agencies. In many cases, it wasn't like the overall agency. It was just a police officer themself that subscribed. It may be a detective, etc. The New York Times ran a front-page article in January, saying that Clearview AI may end privacy as we know it, and man, is that ever true. They have been quietly selling access to these facial images and facial recognition software to over 600 law enforcement agencies. Now with this data breach, it looks like it's more than 2200. Although we have not seen the list posted online yet, we may end up seeing it posted online. It depends on who did this and if it was a nation-state, which is entirely possible. They are trying to find out a little bit more about us or whether it was somebody else. It reminds me a lot of the founding of Facebook and why I've been against Facebook over the years, right? Facebook was very unethical at its start. They stole all the photos of women going to Harvard University and then had people be able to go to their little website and rate the women, right? Rate them? Yeah, on their looks, using all stolen photos. That's the allegation behind it all. It certainly seems to be true. Microsoft, that's another reason I just, I don't use the word hate very often, believe me, but I do hate Microsoft and the way they started. They unethically sued people and played games with trying to buy them by lying about the rights that they had. Bill Gates outright lying to IBM and others, back in the early days. I have a good friend of mine who says, Craig, if you didn't have any ethics, you would be one of the wealthiest people in the country.
Your ethics kept you from doing them, yet you bent over backward to help people. Companies like these need to go out of business, and need to go out of business fast. It's crazy. We've got the Biometric Information Privacy Act that Clearview AI has violated. Clearview AI has also been told by Twitter, Facebook, Google, and YouTube to stop scraping. Those companies have ordered it to stop that. It is against the policies. The Times noted that there's a strong use case for Clearview AI technology: finding the victims of child abuse. It makes a lot of sense. One retired chief of police said that running images of 21 victims of the same offender returned nine or 14 minors' identifications, the youngest of whom was 13. So where do we draw the law watch line, I should say? What should we be doing here? It goes back to the whole fruit of the poisoned tree principle that exists in the law. That you've seen on TV and in movies many times, any evidence illegally obtained can't be used, nor anything that comes of that evidence. It is why some Federal investigators play games with where did you get this evidence? Russia? Did it come from Christopher Steele? Should we have something similar in this case? I think that we should, if they stole information from these companies, which they did. It's, frankly, intellectual property theft at the very least. That means it is of no use in any sort of a police case that started an investigation and any legal matters that follow. That's my opinion. I don't know what yours is. I'd love to hear from you. Email me at Craig Peterson dot com. Thank God they were able to find some of these victims of child abuse. But at the same time here, we should have some rights to privacy. It may already be too late. I guess we'll know. Soon enough. Hey, when we get back, we're going to talk about Barbara Corcoran. She's the star of Shark Tank, and she just lost 400 grand in a scam. We'll tell you all about it.
You are listening to Craig Peterson on WGAN. And make sure you sign up online at Craig Peterson dot com. Hi, everybody. Yeah, that means we're back. Craig Peterson here on WGAN. We're going to talk right now about a TV show that I have enjoyed watching over the years. There are a few shows that I watch pretty regularly. Of course, there are some sci-fi shows; we won't talk about those right now. But a couple of them are The Profit; I enjoy that show. I like the guy who is the main character on that show, and his name is Marcus Lemonis. He owns a considerable interest in Camping World, as well as Good Sam Club, and he invests in small businesses. I disagree with him almost 100% on politics, but he does try and help people out, which I think is fantastic, and he goes into these businesses that are struggling, that are trying to figure out how do we move to the next step or how do we even survive? Then he helps them out, and he frequently invests in them. When he invests, he takes a good chunk, usually enough so that he has a controlling interest, in other words 51% sort of a thing. Then he's off and running, and he helps build them into real successful companies. Now, I guess it goes back to the question of, would you rather have a small slice of a massive pie as an owner, or would you rather have 100% of a tiny pie that may end up collapsing in on itself at some point in time? That's kind of the decision these people have to face as they are talking with him and trying to figure it out. So I like that show. He had a good episode recently that I found very, very fascinating. Check that one out, The Profit. Another one that I've enjoyed over the years is Shark Tank. Now Shark Tank is, if you haven't seen it, it is a show, and there are a number of them. It's called Dragon's Den overseas. There's one in the UK. There's a Shark Tank in Canada, and there's a Shark Tank in Australia, all called slightly different things.
The idea behind Shark Tank is you go in there, you make a pitch to these investors, and the investors decide if they're going to throw some money at you. They will make a deal saying okay, I'll give you 20% for 20% of your company, I'll give you this much money, or you know, I'll bring in people to help out, but I want controlling interest or whatever it is. Well, one of the business moguls on there that's part of this whole judging team on Shark Tank just last week lost nearly $400,000. It was disclosed that the 400 grand loss came through an email scammer. Now, if she had been listening to this show, she would have known about it. She would have known what's happening. She has enough money that she kind of brushed it off. Oh well, she thinks that she'll never get the money back. And you know what? She's probably right. We've seen that happen many times, even with the FBI getting involved, most of the time that money never, ever comes back to you. According to media reports, a scammer who was posing as Barbara Corcoran's executive assistant forwarded to her bookkeeper an invoice requesting that payment. I'm looking at the email right now. Barbara released it, which is great, as that way people can see what happened. It's an email, it's from Jake somebody. Sent on Friday, February 21, and addressed to Emily, carbon copy Michelle. The subject was forward Invoice 873, and it's got the name of a German company. It begins, Hello Emily. Please see the attached invoice below for payment. We are ready to proceed, and we are shipping next week. Please ensure the invoice is paid on time, shipping charges are additional. It appears like a little real invoice. It's got the due date on it, which was due on the 27th, and the amount was $388,700 and 11 cents. And it looks, as I said, kind of like a standard invoice. Dear customer. Please see the attached invoice. Wire transfers should be directed to FFH concept GmbH, address in Berlin, Germany.
Bank details include the bank name, the account name, bank address, the IBAN number, the SWIFT number, thank you for your business, we appreciate it very much. The truth was, this email did not originate from Barbara Corcoran's executive assistant. Instead, what happened here is that the scammers created an email address that looked the same as her executive assistant's. It had one letter different in it. At first glance, it seems legitimate, yeah, this is from the Executive Assistant. You and I look at 400,000 and say, Whoa, wait a minute now. I don't even have that much. In this case, Barbara Corcoran, this was pretty normal for her. There's not only this amount because she is involved in so many real estate deals. That's how she made her money, was in real estate. She gets these invoices from these companies all over the world. It did not look that strange. All the bad guys, in this case, had to do was a little bit of research. They found out what the executive assistant's name was, they found out what the email address was. The bookkeeper did not spot this little spelling error, if you will, in the email address. When she asked questions about the purpose of the payment, all communication went straight to the scammers and not to the assistant. What did she do? She hit reply, and the response went straight to the scammers, and the scammers gave him what looked to be or gave her what appeared to be a reasonable answer, right. On Tuesday last week, seemingly satisfied by the answers she'd received from the scammers posing as Barbara Corcoran's executive assistant, the bookkeeper transferred almost $400,000 into the bank account controlled by the scammers. It was only when the bookkeeper manually CC'd Corcoran's assistant directly with confirmation that the invoice had been paid that it became clear what happened. So, again, that tells you don't respond to emails, right?
Look it up, use a contact list, use your autocomplete to try and reach out to somebody to verify it. I always go one more step further, and that is to get on the phone and confirm the transaction. Now in speaking to People magazine, Barbara Corcoran again apparently was pretty okay about the theft. She says, quote, I lost the 400,000 as a result of a fake email sent to my company. It was an invoice supposedly sent by my assistant to my bookkeeper, approving the payment for real estate renovation. There was no reason to be suspicious. I invest in quite a bit of real estate. I disagree with that; there was reason to be suspicious. Anyhow: I was upset at first, but then remember, it's only money. Good for her. Frankly, she posted on Twitter about it. Lesson learned. Be careful when you wire money. She retweeted something from TMZ about her getting hooked in this scam. I'm glad she has a positive attitude about it. It's very unlikely, as I said earlier, that she'll ever recover a dime from these fraudsters because of the way the money was wired. Ninety seconds later is all it takes for the cash to be gone and out of reach. And they probably went ahead and transferred it from German banks to other banks, and it continues to move the money around. It's kind of like what happened in Eastern Europe and Ukraine, with a billion dollars in aid that we sent that ended up bouncing around between multiple companies in multiple countries to hide whose pocket it ended up in. It's just kind of crazy. It can happen to anyone, and it can happen to any of us. Every last one of us, business person or otherwise, needs to be on guard. Don't reply to emails. Always make sure you enter in the email address if it's anything that might be of concern. Remember that banks and other places are unlikely, including the IRS at tax time, to be sending you emails about some of this stuff. Just double-check and phone them, look them up online, and phone that number.
Ask a question from their help people over on their website.  Well, we've got one last segment here, and we're going to be talking about new security features from Firefox that means insecurity to you. This is Craig Peterson on WGAN, and you know, I like Firefox, right? Hey, welcome back, everybody, Craig Peterson, here on WGAN and online Craig Peterson dot com. Well, that's Peterson with an O-N dot com.  Hey, thanks for joining us today. We've had a great day, we've talked about where you find a little bit of nostalgia online over at the Internet Archive. We talked about reducing the risk through data minimization. I described how ransomware became a multi-billion dollar industry. We talked about the changes that have recently happened with ransomware that will require you to make a change in what you're doing to stop becoming a victim. Then we got into how should you answer a non-technology related executive who asks you, how secure are we? How do you answer that question to your family as well? Because we are all the cavalry, right? We're the people that our friends, family, our people from church, the business people, they all come to us. So I wanted to make sure we covered that, the next generation here of security metrics, how long does it take to harden your systems, and we've got a course coming up on that here in a couple of weeks and a bunch of tutorials to help you out. The company that we talked about, Clearview AI, very, very bad guys, frankly, very unethical. They just lost their entire database of Facebook buying clients to hackers. And then they brushed it off like it's no big thing. Hey, you know, everybody gets hacked nowadays. Man is talking about a company with no ethics at all. We talked about them, and then, of course, most recently, we just talked about business email compromise. We gave you a specific example here of Barbara Corcoran. She is one of the business moguls over on Shark Tank. 
How she lost almost $400,000 in a scam, and what you can do to help protect yourself. And we gave away some actual clues here, precisely what the bad guys are doing to try and get that information or get us to do that, right? What kind of information are they gathering about us? Well, I want to talk about Firefox here for a few minutes, all web browser thing. And this has to do with security. And this is an article over on welivesecurity.com that made me think about what is going on with Firefox and Mozilla. Now, if you've been on any of my training courses, you know, the browser you absolutely should never use ever, ever, ever unless there is a gun to your head, and then it's okay, is Internet Explorer. It is just one of the worst browsers ever. You know, it's just terrible. It's right up there with the original browser, the NCSA Mosaic, but at least it was changing the industry. Internet Explorer was just a huge security hole. I mean crazy. The things that it allowed programmers to do, and it was such an avenue for hacking. You know that, right, don't ever use Microsoft's Internet Explorer.

Craig Peterson's Tech Talk
Welcome! The Insecurity of DNS over HTTPS, Internet Archive's VHS Vault, Data Minimization and more on Tech Talk with Craig Peterson on WGAN

Play Episode Listen Later Mar 5, 2020 89:41


Welcome!

We are going to hit a number of topics today from the world of Technology. I am quite disappointed with Mozilla; they are letting marketers and politicians define their technology. Listen in to find out why I feel that way. Compliance is an issue for many companies and I have some solutions that will help you, and it includes a diet but probably not the kind you are thinking. Do you ever get nostalgic for "the good old days?" Well, I have something that might help, listen in to find out more. I will tell you what happened to one of the Sharks from Shark Tank, how you can prevent it from happening to you, and more.

For more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles:

Getting Your Fix of Nostalgia
Don’t Store Data You Don’t Need
Cryptocurrencies and Insurance Increases Ransomware Profitability
Are you Secure -- Depends on Many Things
You Don’t Have Much Time To Stop An Attack
Hackers Target Large Databases
Anyone Can Be A Victim - Business Email Compromise Does Not Play Favorites
DNS over HTTPS (DoH) is not the Panacea the Marketers Are Leading you to Believe

---

Automated Machine Generated Transcript:

Hello everybody, Craig Peterson here on WGAN and, of course, online at Craig Peterson dot com and heard streaming all over the world on your favorite streaming site. I'm so glad to be here today and be able to talk with you a little bit about what are the top news stories this week? How can you keep safe? That's kind of one of my themes because I freaked out when my company got attacked some years ago. You know, just a regular business guy trying to run a small business and man, did it hurt me bad back in the day. I'm just trying to get all of the information I've put together over the years and learn, and I continue to study this stuff and continue to look at what are the best ways to defend ourselves. I try and get all of that and put it together into neat packages for you. One of them, of course, is the radio show. 
I also get on with Facebook Lives. YouTube lives, and also do various types of pieces of training and tutorials and things out there. Where in fact, for the next course I have coming up, we're going to have implementation calls, where we are talking specifically about what to do when you do it. So you try and implement something, you have some issues. I'm going to get on the phone with you guys. So I think that's going to be great. And then the upcoming class here in a few weeks. And then, of course, the tutorials leading up to that class where I'll take your questions live, sometimes those little tutorial sessions on, you know what it's webinar technology. On these webinars, sometimes we go a couple of hours so I can answer all of your questions. That's what it's about here. All right, because I understand most people, not I know I'm this way too. I get contacted by somebody, and they're trying to sell me something that happened just over the weekend. Last weekend somebody knocked at the door, trying to sell windows, right. I think it was like Renewal by Andersen or something like that. And they were walking around knocking on doors. I see you know, immediately just knee jerk said, No, No thanks, my windows are fine. It got me to thinking about the whole situation in the security realm. Because that's what we do, right? What we've been doing for years decades, sometimes we have the antivirus software, every once in a while when we hear about a real big vulnerability, we go ahead and apply patches. You know, it's been the same old, same old, but we just can't do that anymore. And because really, we see huge, huge problems and businesses going out of business because of them. So that's what this is all about. So if you're a new listener, welcome. If you've been listening to me for a while, of course, Welcome, Welcome to you too. And I want to get this information out. 
So one of the best ways to make sure you have all of the latest information you need is to go online, go to Craig Peterson dot com slash subscribe, and that'll get you on my email list. Then once you're there, you will be able to keep up to date on things I do, try and get those out. I have a newsletter that's every Saturday morning. Then when I'm doing training, I'll send something that's a little out of the band if I'm doing a live or various other things. I thought because of the way it works with the emails I send out, if you want to unsubscribe, you will be guaranteed to never hear from me again. Maybe that's a great thing that is right for some people. But for other people, I came to realize that perhaps they didn't care about the training, they just wanted the newsletter, or perhaps they wanted the pieces of training but didn't want any emails. Some wanted on courses but not other courses, etc., etc. So I'm going to try and do something a little bit different. Right now, there's a pretty nasty warning as a footnote. If you unsubscribe, I can't send you anything anymore. I won't send you anything even if you want a course, you'll not hear from me again, because you unsubscribed and marked as somebody that doesn't ever want to hear from me again. That's fine. I know we all have our lives, and maybe you think you're safe enough. Perhaps you're going to reach out to me when everything falls apart around you. At which point, I can't respond to you because I will have your email blocked. That is because I don't want to bother you. I want to comply with the CAN-SPAM Act. Although, you know, most people don't seem to care about that, as well as the GDPR. Also, the new California regulations, the Massachusetts regulations, and new federal regulations that are going into effect. They all place requirements on when and where I'm not supposed to contact you. If you say No. Then No means no, right. 
I'm going to change things a little bit with these upcoming training and courses that I'm going to be doing. I'm going to make it so you can just unsubscribe from those, so you're not going to lose contact with me. I've had some people complain, and in the end, it becomes a bit of a pain to try and add them back in. We're going to try and make this a little bit easier for you guys, so keep an eye out for that. You already know right based on what I'm saying, as well as what I've done in the past that I won't spam you guys, I don't sell your name to other people your email address. Most of you I know are kind of the older generations, the younger guys they don't care we've already talked about that. They will sell their email address and name for a donut. But us older folk were a little bit more cautious about it. I think that's probably a good thing. We're less likely to get ripped off the senior population in some ways less likely to get ripped off, and other ways more likely get ripped off. It's interesting. Again, we tend to trust phone calls more. You know what I have, frankly, I don't answer my phone anymore. It just goes to voicemail. And I have somebody else look at it because there are so many scams coming in. But we tend to trust the phones more in the generation, you know, the men and women older than me, other baby boomers, they are a little bit more susceptible to those types of scams. So be careful with those types of scams as well just you know, be careful all the way around, frankly. And that brings us to our first story of the day today. And this is something I found that I thought was cool. So I thought I'd share it with you. It's a tech thing. I was just a few weeks ago talking on the radio. One of the radio shows I appear on as a guest. And we were talking about Betamax versus VHS. And I knew I knew that the radio host I was talking to there's no way he just loves tech. There's no way he did not have Betamax. And he did. 
He had hundreds, apparently, of beta tapes in his closet. But this is all about that era of the 1990s. I'm sure you guys had VCRs, right, back in the day. And of course, the winner of that war was VHS, and it wasn't because it was better technology, but we're not going to delve into that right now. And those VHS tapes, at this point, about 20,000 of them have been put into an online vault. Now, if you've never used the Wayback Machine, you have to check it out. You can find it online. At archive.org, that's the name of it. It is an Internet Archive, and it shows web pages going way back, you can look at my web page from back in the very, very, very early days of the Internet. When, you know, not of the Internet, but of when the whole web thing came about, which was '92, '93, is when it started to go. I didn't have a webpage back in 85. When I first registered my domain that's been around for a while. And then, of course, I was using other domains. Before that, I've used my ham radio call sign as my domain. And before that, but the Wayback Machine is this archive, you can browse the history of any major site, many minor sites that are out there. They have used it in court cases. It's used by me, just for kind of memories of things as the way they were. Now you can use it for something brand new. I didn't know that they had, and that is they've got something out there on the Wayback Machine that's called the VHS vault, V-H-S, just like the VHS tapes that we had or that Ken didn't have because he had Betamax. Right now, what I'm looking at says there are almost 21,000 results. So they've taken these VHS tapes that were submitted, and they have effectively ripped them. They've turned them into digital video, right. And some of these are just amazing, like a warm-up to Traci Lords. It's an exercise program. Of course, Traci Lords was involved in some adult films back in the day. Man, I love this. Mystery Science Theater 3000, 
Timothy Leary is a guest on MTV with John Lennon, Les Miserables from 1935, Rush to Judgment. There are so many cool things. The Lion King in full VHS tapes. Now some of this information is probably still copyrighted, but as a general rule, archive.org doesn't get nailed for copyright violations. SpongeBob SquarePants. Oh, this is the Fairy Fairy Godmother I think is what this cartoon was called, and trying to remember, my kids used to like it. Some bootleg tapes, everything, but you can find it online. I think you would have a gas looking through these. I want you to go to archive.org as you're listening to the show, or maybe some other time during the week, you're sitting there watching some TV with your smartphone or your computer. Archive.org and look for the VHS vault. The actual URL is archive.org slash details slash VHS vault. You will see all kinds of fun stuff that's in there. They have many different collections. You can search this, you can go in by year when they did it. They have a Flemish dog collection. There's another one. There are collections I've used in some of the training videos I put together. There are collections of old black and white art, and pencil art, and engineering diagrams that are well, well out of copyright, and you'll find all that stuff at archive.org. Check it out, I think you will have a gas checking it out. If you're like me, it's certainly brought back a lot of memories.  When we get back, we're going to be talking about something that you should be doing, whether you're a home user or business user. You know, the things that we have to be worried about are the things that can be stolen from us, right, in the online world. Okay, this is what we will be talking about. What can be taken from us, but also what can be used to kind of hold our feet to the fire in ransomware. So we're going to talk about how to reduce your risk with Craig Peterson here on WGAN. Stick around. We'll be right back. 
Hey everybody, Craig Peterson back here on WGAN online, and of course, at Craig Peterson dot com. Yeah, you know it by now, right? Well, hopefully, you had a chance to look at archive.org, definitely check it out. It's called the Wayback Machine, at least that was its original name. And they may still have that domain, the Wayback Machine dot com. But now it's known as archive.org. It is a wonderful, wonderful trip down memory lane, at least for me. If you are a little bit older, you might remember the Internet back in the days; fun looking at some of the original search pages at AltaVista. Man, I miss AltaVista. I used to like to use the Boolean algebra that you could do in AltaVista. By the way, if you are a geek like me when it comes to searching and you want to be able to dig into it. There's a tool I use, and I think that you'd like it also. It's not cheap, that's for sure, but not that expensive either, but it's called DEVONthink, D-E-V-O-N T-H-I-N-K. It allows you to set up searches using all kinds of Boolean constructs, which is very, very, very handy, at least as far as I'm concerned. You can set it up to do automatic search sets every day looking for different things. It's one of the tools I use to find the information that we talk about here on this show because so much of it just isn't, generally speaking, available. It certainly isn't spoken about by the mainstream media, right? You know that, right. That's why you listen to the show and why you follow me. I am on LinkedIn. I'm on Facebook. I'm on Twitter, YouTube, and my website as well. I appreciate all you guys who do follow and who comment. Now, if you're a business person, this is for you, but there are some things that you can do as an individual as well that are going to make a big difference for yourself and your safety online. Businesses are concerned about the GDPR, which we've talked about on the show before. That's the European privacy regulation. We're also very concerned right now with CCPA. 
I just had a company that makes optics. I use their optics here in the studio if you have ever seen me on a webinar or one of these videos or pop up training or anything. I'm in the studio, and my cameras here the lenses use the glass made by this company. I had no idea, but they reached out to us due to their operations in California. They have a sales operation there because, again, they're selling their optical glass for use in lenses, and all kinds of other devices. They reached out because they were concerned about what is happening, what could happen with these new California privacy regulations? Is it going to mess up their business? How is it going to mess up their business? How is it going to make things better or worse? I think they had some outstanding questions. So they called us in, and they paid us to do an audit of the systems they have. How are the systems working? What is it that we need to be worried about? You know, it's something that takes a few weeks and a couple of on-site visits in New York? New York State, which by the way, is going to have their own set of privacy regulations that are going to affect them pretty dramatically. But basically, what it came down to was if they were compliant with the European regulations, they were probably most of the way towards the California regulations. So they think that they're compliant. But when we got in and started having to look at it, it turned out No, no, no. They are not anywhere near compliant with either set of regulations. Even though their IT people told them they are because they have full-time programmers who are programming their systems. They thought, Oh, no, no, we're fine. We're fine. No, they weren't. So what do you do if your regular business? Enough moaning and groaning about the optical manufacturer, who has fantastic optics, which is why I use them. Let's talk about you. 
Let's talk about your business, your small business, your larger business, this is true, you should be paying attention if you are a medium or large business as well. One of the best things you can do, and it is hard to get through to a lot of CEOs and other business owners. But one of the best things you can do to reduce your risks is to reduce the data that you are maintaining. Right? If you want to reduce the chance of getting shot at, don't go out in the streets where they're shooting, right? If you want to reduce the risk of having your data stolen, then don't have the data out there for them to steal. If you don't want to get nailed by one of these new regulations, that says, hey, personally identifiable information has to be maintained in this way and that way. If someone asks you what data do you have on me? Do you realize now you only have one week to respond? You must provide that data to them. If you have any sort of a California Nexus or European Nexus, in other words, doing business in either one of those places. Now, it's down to I think five days it's not a week to respond, saying, Here's all of the data that we have about you. That's what you have to be able to do. We have to be able to do it right now. You also have to be able to tell them, here are all of the people within my organization as well our contractors that saw your data and had access to your data. That is a very, very big deal, frankly. The landscape is constantly changing your obligations for that data, and the data disclosure and the data-keeping keeps getting more strict. What's the right thing for you to do? Ultimately, well, it's to get rid of the damn data, right? It's a very, very solid first step in reducing your risk. Now I'm going to be publishing next week, a little guide that you can use yourself, right, you don't have to have me involved, or anything else is just for you, that you can use to do an inventory of all of the data that you have in your business. 
What we've done is we've gone through and looked at different parts of the businesses that we've worked with over the years and evaluated the kind of data they often have. You have to do that first, right? You must identify what your risks are. You must determine what data you have. I'll make that available for those people on my email list. It will be part of this ramp-up here, a precursor to the pieces of training that I will be doing. There will be different free pieces of training and tutorials in my ramp-up to my courses. You don't have to be in the course to participate in the free tutorials, okay? You don't have to buy anything from me. It is all free, no hype or anything else. Okay. I'm not trying to hard-sell anybody I want to help you. That is the first step -- doing this inventory the data you have, and it is one of the best things you can do. Put your company on a data diet. Now, you know, last week we had Barry Friedman on the show, talking about a sugar diet. Right. It's a lot like that, and it's getting rid of these addictive pieces of data that we keep on our clients on our prospects, everything else that's out there, right. Let's look at it as a lens. When you're looking at your data when you're doing an inventory of these data assets, ask yourself, do I need this? Will this provide what I need? Think about maybe like a food diet as Barry does with sugar? Do I need sugar? We know is sugar going to provide us the nutrients that we need? The answer to that is no. When it comes to sugar, right. We found that out from Barry last week. But we need to work to minimize sensitive data and ask ourselves, do we need this sensitive data to conduct business right now? And will we need this sensitive data to conduct business in the future? If the answer's no, securely dispose of that data. It is the only way to comply with these regulations that are already in place here in the US and Europe as well. 
All right, when we get back, we're going to talk about how did we get here? How did we? How did ransomware grow to be a multi-billion dollar industry? What did we do to get here? What should we do to try and get beyond all of this? You're listening to Craig Peterson on WGAN. And of course online at Craig Peterson. dot com, live on youtube, live on Facebook everywhere out there. Stick around. We'll be right back. Hey, welcome back, everybody, Craig Peterson here on WGAN, and of course online at Craig Peterson dot com. In case you missed it. We've been busy today talking about the internet archives VHS vault. Again, that's archive.org. Check it out. It is kind of cool. We just talked about reducing risk using the cheapest mechanism possible. Data minimization will save you money and help you be compliant. Now I'm going to talk about ransomware. We've been warned recently about ransomware's rise. Many people thought it's kind of past. In some ways, it has. 2018 was kind of the banner year for the standard ransomware that out there, but it is back, and it is back with a vengeance. We talked about some of the statistics about a month ago and showed how it had gone up a bit almost doubled just between the third and fourth quarters last year, which is just absolutely dramatic. I had a course before, where we talked a little bit about backups. I've certainly talked about it here on the show before, and how backups help stop ransomware. Let's just spend a couple of minutes on that right now, although it's not 100% accurate anymore. It is essential to do for just a whole plethora of reasons. Backups are kind of the very first stage of what you need. I read an article yesterday from a guy who is in some of the highest circles in the country. He had the phone numbers, the direct cell numbers of presidents and you name it, really just anybody who's anybody was on his phone. It was an Android phone. He had assumed that it was backed up into the cloud or something. 
His phone broke. He got a new phone and realized at that point that his phone had never, ever, ever been backed up. He lost the phone numbers from all of these people. Good luck getting them back, cell phone numbers, other contact information. Think of all the things that are on our phones nowadays. Losing your phone, having a hard disk crash on your laptop, or your desktop computer. Losing those can be devastating, no question about it. If you're a larger business and you think that you're doing backups, double-check them. I'd say three-quarters of the time, and I can't think of an exception to this, your backups will not work correctly for that business. I've never seen a case where all backups are working correctly, ever, ever going into a business. I know you, Craig, you're just crazy. It's silly. You're trying to build a business and scare people. No, I have never walked into a company and found their backups to be working correctly. We see things like, and I don't mean, they're not working in a way that is ideal or optimal for the business. Right? Certainly that on top of it. I mean, they weren't working. We had one company that we went into, and they were dutifully doing backups, and the operations manager had five external hard disks. Every day he brought a hard drive in, he plugged it into the server and took it home at the end of the day. So we had Monday through Friday, hard disks that he brought back home with him. So they were off-site, which is, you know, great idea, by the way. The server itself had a RAID configuration on it and is called a RAID five. It had three hard disks so that if a drive failed, they wouldn't lose all of their data. We went in because they wanted to do some upgrades. They hoped to move over to Apple infrastructure, where people could use iPads and iMacs on their desks to have a better working environment for everyone by moving away from Windows. By the way, this is an excellent idea. 
They still had some Windows software that they had to run, so we helped them with that and got that all working running correctly. The backups, you know, they were trying to do the right thing. But you know, you know what, there were a couple of problems. One, their server had not written to any of those external disks for the last 18 months. They went a year and a half without ever having had a good backup. Think about that. What would happen to that business? What would happen to your company? After 18 months of no good backups and losing all your data? Oh, and their server, an HP server, that cute little HP server had that RAID array, right, a RAID five where you can lose a disk and not lose data. Well, they had lost a drive. We were estimating based on the logs about a year before. There they were with no backups and no redundancy in their server disks on their server. That's an example right now, and I could go on and on. We had a company, a division of a Fortune 100 company, that had paid for backups, and they had a dedicated data line. We put some next-generation firewalls in place that monitored the data and watched for data exfiltration to make sure that the plans and designs and social security numbers and bank accounts and everything were not being stolen or taken off-site, right. Guess what we found there? After six weeks of monitoring everything that's been going on because that's the first step, right. Let's make sure we understand what the normal operations are. Didn't you tell us that you had an off-site backup of your minicomputer going to another backup site? Oh, yeah, yeah, we do. It gets backed up in real-time. We're paying for the backups to go off-site. If something were to happen to our facility here, or to our computer, which is a big server, then they'd take over immediately, we'd be off and running. During those six weeks that we were in there we hadn't been involved with these operations. Ultimately, we were in there for decades. 
Guess what we found? Yeah, exactly. None of the backups were occurring. They were paying for all of these things, right? They were paying for them. What we ended up doing is we came in, and we made sure that backups were happening. Unfortunately, they didn't have us do those backups. The company doing it for them was incompetent. And yet they decided to have them continue to do it. It doesn't make sense. We took over the rest of the backups. We had equipment on site, which we do at most of our clients. In case there's a problem, there are failovers that can occur. In this case, we'd have them back online in four hours, a requirement of publicly traded companies and their divisions. Again, they're just not doing it anyways. Ramble. Ramble. Wow, we've only got a couple of minutes left here in this segment. When it comes to backups, here's what you have to be careful of, and that is, make sure they are happening. Check the backups. Try and restore from your backups. Now, we're talking about ransomware. It is a seven-and-a-half-billion-dollar industry. They are coming for you, and one of the best things you can do is have a backup. Still, there's another side to ransomware, nowadays, that backup won't help you with, and that is that they have your data, and they hold a ransom saying, if you don't pay us, we're going to release this onto the Internet. Then you're in real trouble. If you have personally identifiable information, or if you have your intellectual property out there, and it gets out to the Internet because you don't pay that ransom, you are in real trouble, plus if they encrypt your data, you'll need that backup.  All right, stick around. We will be right back. And we're going to be talking about our next topic for the day, which is how do you answer a non-technical executive, who asks, how secure are we? You're listening to Craig Peterson on WGAN and online at Craig Peterson dot com. Hey, have you ever been asked that question? 
Well, we'll tell you about how to answer it, coming right up. Hey, welcome back, everybody, Craig Peterson here on WGAN and online, of course at Craig Peterson dot com. No surprise there. Our next one is an interesting article and poses an interesting question. It is one that I'm sure you ask or have been asked, right? How secure are we? You are the cavalry, is the bottom line. You're the person who your family comes to, or the business owner comes to, the business asks whenever they have a tech question, right? You wouldn't be listening otherwise. It is how you get ahead. It is how you learn. You listen to me and others, read articles. You are the cavalry. How does the cavalry answer that question, when you're asked, How secure are we? You know, there's the obvious answer. Well, you know, we got this, and we got that. We have an anti-virus, and we have a firewall. Those, frankly, are buzzwords that many of us use just to obfuscate the real answer to that question. I know that many times when we go into a business, and we secure it, we put together a proposal. Most of the time, our recommendations are not accepted. Most of the time, when we go into a business, and we say, here's what you need. Here's what you need to do to stay secure, they say No, thank you, and prefer to run with blinders. Hopefully, they won't stumble in the middle of the night or get tossed by that horse, of just kind of ignoring it, right. Blinders or maybe you might want to call it ostrich-ing and to put their head in the sand or whatever you want to call it. But most of the time, in reality, the businesses just don't do anything. Sometimes they do, right. That's how I stay in business. I stay in business because of the companies that want to remain secure. I stay in business because of the people that are the cavalry. 
They're like you who want to buy my courses to understand more, to get step-by-step instructions, to know not just the stories behind things, but the strategy and the exact tactics that they have to take. And that's you, I suspect, right? I think you're probably a lot like me in that way. That's how I like to learn, and that's how I teach as well. Well, this article is from our friends over at Dark Reading. And the question is, uh, how secure are we? And how should we answer that? There's a great response by Kurtis Minder, the CEO and Co-Founder of GroupSense. He says it depends. You've got to look at your executive team and qualify their level of understanding. Answering the question with the answer of well, we have antivirus, we have a firewall, and we have mail filters. You know, a lot of people nowadays say, "well, we're in the cloud," and there's nothing to worry about, which we already know, isn't true, right? There's way more to worry about if you're in the cloud than if you have a local server. For those of you who are the kind of computer security people for your organization, addressing this requires finding out where they are coming from and who they are comparing to. For instance, is it to what the Payment Card Industry PCI-DSS says we're supposed to do? Are we supposed to compare ourselves to the HIPAA-HITECH regulations? In other words, we have some medical data, which by the way, every company does, if you have any sort of a Health Insurance Program, right? Are we supposed to compare ourselves to the NIST 171 standard? There's even more; there is the CMMC. There's a lot of different criteria that are out there. You must understand the HOW before you answer this question. How secure are we compared to similar companies in our industry? Or companies that are similar in size to us? No matter how you're going to answer that question, when the boss comes a-knockin' or the kids or your wife comes a-knockin' saying, How secure are we?
No matter who it is you're talking to, I think the one thing you have to make sure of is that they understand that the whole security threat landscape is fluid. It's always changing, and your security programs need to be fluid as well. That's the reason I have consulting clients, right. That's the reason I have a membership program. The people who are the cavalry can follow and understand what it is they need to know. Now I want to hop over to this other guy here. His name is Matt Combs. And he is a global cybersecurity practice leader for an executive recruiter called Russell Reynolds Associates. It is absolutely a phenomenal interview on CIO.com. He's saying many companies were blissfully unaware, especially those that don't have credit card information. How many times have I said that, right? It takes at least six months for the average company to figure out a breach occurred. Why did Matt say, especially those that don't have credit card information? It's because if they have credit card information, that information is likely to be sold on the open market very quickly. Once sold, the credit card companies are going to notice, right? Many companies have only learned that a breach occurred after the FBI came knocking on the door and told them they had a problem. Look at Home Depot. What happened? The FBI traced the dots. Home Depot was compromised through their point of sale equipment. Can you believe that? People sitting in the parking lot of Home Depot hacked them? They didn't even know it until the FBI knocked on the door. That's a pretty big deal, on a pretty big company. I think they are the second-largest retailer in the country? When it comes to dollar-to-dollar value? Are you sold? Okay. If you don't have the credit card information, how would you even know that a breach happened? It ties back into the fluidity of security. It seems so obvious. Now when you look back at Home Depot and say, What were they thinking?
I look at Target, the TJX companies, and their hack. They had security equipment, and that security equipment was quite good. It was alerting them, "whoa, wait a minute, guys, we've got a breach, okay." Did they take care of it? No, because they didn't know how to read the output, and they didn't have enough people to look at the logs, which is something else we keep telling you all. You have to watch the logs. You have to watch them closely. It's a full-time job. It's a highly skilled job, a highly trained job. It is not cheap, okay. I know a hotel company with 500 hotels in the United States, of course, you can look that up to find out who it is. They have a chief information security officer who is an information security group of one. Think about that: 500 hotels, just the business itself, all of the data that they have, the liability that they have, and he doesn't have anyone working for him. Not even a support person. He has to beg, borrow, and steal help from IT, and from the CIO, the Chief Information Officer. So when the executive asks you how secure are we, you have to say, Hey, listen, you know we can lock down the doors, we can lock down the windows, but the odds are if someone wants to breach us, they will be able to. However, make sure you are locking down the doors and locking down the windows. You got to close it all up. There was one other thing I think you should do when this non-tech executive asks you about how secure we are. That is, what's your nightmare, Mr. Executive? Which systems are you most concerned about being compromised? You should go back to the question I asked a little bit earlier, which is, what data do we have that maybe we shouldn't have? What data do we have that we are most concerned about losing? What are the family jewels in our organization?
What is the data that if we were to lose it, we'd be in a lot of trouble, either because we could not conduct business anymore, or maybe we would get nailed by the regulators out there? Anyway, a lot of really, really good questions to ask because you're never 100% secure. All it takes is for one employee to click on the wrong link on an email. What I was just talking about will come up a little later on today. I talked about it this week on several radio stations. What happened with Barbara Corcoran, an investor from Shark Tank. Stay tuned as we'll talk about it a little bit later on. All it takes, and frankly, employee negligence such as accidental loss of data, accidental clicking on things. Employee negligence is still the main cause of data breaches, in a report from ShredIT. Now, of course, they're in the business of shredding documents, of getting rid of these things. Shredding hard disk drives when you take them out of a computer. Remote workers and external vendors are also now a major cause of the increase in data breaches. That's one of the things we're going to be covering here in my course coming up in a couple of weeks, and that is the upstream-downstream risk. And the US military is totally into this now, because they had two or three major breaches last year that came through vendors. So hackers are no match for human error when it comes to sheer numbers. You also have the insider threats of people who are stealing from you so they can get a better job, take it with them to another job. You have people who are upset with you and are just making an absolute mess of things on the way out the doors. So be very careful about that because it's huge. Data breaches cost an average of $3.6 million globally; that average was in 2017. Some of those prices have gone up. The faster you respond to a breach, the more money that you'll save. They found that if you can respond to a breach within 30 days, on average, you'll save over a million dollars. Think of that.
The odds are good that you will get breached. You will save, on average, a million dollars. Yet you're not funding the security people either by going to an external contractor, like me, to take care of it for you. Or you don't provide the resources to the internal people they need to do it. It is a huge, huge job. All right, top of the hour. Of course, on the radio stations, we've got the news, traffic, weather, all that sort of stuff coming up. Then when we get back, we're going to talk about a new metric in security. The next-gen security metrics. Stick around, and you are listening to Craig Peterson on WGAN and online.

Hey everybody, welcome back. Craig Peterson here, on WGAN and, of course, online at Craig Peterson dot com. We have already covered a bunch today. I would refer you over to my website. If you'd like to find out a little bit more, of course, I'm also on the streaming services. You can find it there. We've covered the Internet Archive. They've got this cool, new VHS vault. We discussed ways to reduce your risk of data loss. It's all about identifying your data and then minimizing your data; how we enabled ransomware to become a multi-billion dollar industry. And I also gave some good advice on backups and the fact that 100% of the businesses I've ever walked into have had a failed backup strategy and failed in a bunch of different ways. It is big for all of us who are out there who are members of the cavalry, who are trying to help our friends, our family with their computer issues, and the businesses for whom we work. Then we got to how to answer questions that we get that have to do with our level of security. How secure are we? How secure is the business? That's what we have covered so far today. I love our next topic. It's phenomenal. It's from Threatpost.com. But they're talking about different types of security metrics. Now, metrics, of course, are measurements, or the ways we measure things.
We always have to measure progress to be able to know have we gotten to where we need to be, right. Progress can be difficult to measure. There are a lot of different types of measurements when it comes to our security. Say for Microsoft Windows, one of the big things is, are you ready every Patch Tuesday? Then a little bit more, as Microsoft sometimes comes with out-of-cycle patches. They got nailed a few years ago, through criticisms about them releasing new patches, like constantly, because they needed to release them. And so instead of fixing their problem, which would be almost impossible to do, and that is rewriting Windows and making it a much more secure design, they decided they would just go ahead and release patches once a month. And that way, of course, you're not getting them every day. So who's going to notice that, in fact, there are a whole lot of vulnerabilities in Windows? So that was another measurement that we had. Did you get your Patch Tuesday stuff done? That's been around a very long time. Well, we've got a new metric here, and it's called hardening. Now, I don't know about you guys, but my wife thinks that most people don't know what the name hardening is. So I'll explain it a little bit. Hardening is where we close holes in our networks and our Windows computers. That's really what our emphasis is going to be coming up here next week when we start our whole hardening series. By the time you finish this series and the courses, you'll be able to lock down any Windows or Mac computer yourself. You are going to be able to lock down your small business network, and you're going to stop worrying about being the victim of the bad guys. We're also going to train you on how to test everything yourself. That you can make sure that they can't get in, right. If not tested, how will you know it works? It's like I was talking about with backups. How do you know they are working? How do you know it's effective? How effective is it?
So we're going to teach all of that, and I think that's just going to be amazing for you guys, man. We're looking to do something you guys are going to love. Hardening in the case of our computers includes our computers, browsers, firewalls, and routers. In other words, there, we're using all of the options, all of the available software to make sure that bad guys are not easily going to get in. Is our Windows Firewall hardened on our computers? Did you even know you had a firewall on a Windows computer? Well, it's almost useless. Because Windows has a firewall, it is turned on by default, but they have all kinds of services turned on and available to be used. All of these things are kind of crazy. When we get down to it, there are things we can do. That's what we're going to be covering starting in about a week with some of these tutorials. And with our great course that we have coming up. Now, let's talk about what's holding us back and what mean time to harden means. We're looking at vulnerabilities. When we're talking about a zero-day attack, it is one that no one has seen before and where there is not a patch or workaround for it. It's really kind of a nasty thing. When it comes to hardening, you want to make sure that you have as few services as possible on your computer, firewall, and browser. That again makes your attack surface smaller. But when we're talking about those types of zero-day attacks, it typically takes an organization 15 times longer to close a vulnerability than it does for the attackers to weaponize that vulnerability and exploit it. So basically, we're talking about one week for the bad guys to take a vulnerability, one of those zero-day things. It takes one week to weaponize it, and it takes us about 102 days to patch it. Let that sink in for just a minute here. Once vulnerabilities get disclosed, it's a time race here to secure this hole before the bad guys exploit it.
Now we saw that with the Equifax breach where here's a major, major breach against a major company out there, and it only happened because they hadn't applied the patches that they needed to apply. It's just really that simple. Microsoft has a patch. Let's give an example right now: BlueKeep. BlueKeep is a way to break into Microsoft machines. Microsoft released patches for BlueKeep in the May 2019 Patch Tuesday security fixes. Microsoft released it in May, and as of December 2019, seven months later, there were still over 700,000 machines at risk. Let me see here now: May to June, July, August, September, October, November, December. That, to me, sounds like seven months. That's huge. Sophos has some security software. In their recent report about WannaCry, which is ransomware, the patch against the exploit WannaCry was using has still not been installed on a countless number of machines, despite being released more than two years ago. It's crazy, isn't it? Do you guys agree with me? Am I just being kind of an alarmist? Now the average time to weaponize this is seven days. Many weaponizations come in less than seven days. Like the infamous Apache Struts vulnerability. You have effectively 72 hours to harden new systems. Now the numbers are even worse when we're talking about incident response. There's a new rule out from a company called CrowdStrike. You might have heard of them before, they've been in the news for some political stuff as well. But they are a security company. They do a lot of investigations after the fact and try to figure out what happened and try and clean things up. CrowdStrike has a new rule. It's called the 1-10-60 rule. And it's based on what they call breakout time. So here's what that is. Most nation-state actors, in other words, the more advanced hackers out there, move laterally from an initial attack within two hours on average. In other words, if there is a country that's coming after you, say, for instance, China.
Most say, now, it isn't like China is going to go after me. I'm not military and not a military contractor. China comes after you to steal your intellectual property. Once they have gotten inside of your network, they will move around inside your system. What this means is it gives defenders of a network one minute to detect a breach, 10 minutes to understand what has happened and that it was a breach, and one hour to contain that breach from the initial incursion. That is huge. Now, this is part of this mean time to hardening and goal response that we're trying to achieve. If you're a regular business, and it's six months before you even notice that a hack occurred, if you ever even notice, which is par for the course, and one that we see quite frequently. We will come in and look for signs of hacking. Many times, companies don't want to know. They just want to know if there are any openings that they should be closing right now. Why? If you see a hack occurred, there are specific legal responsibilities that you have. Companies say, Listen, don't tell me, I don't want to know. Without monitoring and watching what our organizations are doing, if we're not at the very least patching and hardening, we're in real trouble. Now, I know you guys know how to patch; it's not that difficult to do. We're not going to spend a lot of time on that in the upcoming tutorials or courses, but we are going to spend a lot of time in the course on hardening because it is one of your best defenses. It's kind of like having a package on the front porch that was just delivered by Amazon people, right? If there is no package on the porch, the porch pirates are not going to show up to steal the box. It's the same type of thing here. If you do not have services available on your machines inside your network, there is no way for the bad guys to move laterally. There's no way for them to get in remotely. That is our goal in our hardening courses, how to harden your Windows machine.
That's coming up in about a week, week and a half. So make sure you are on my email list. You get all of that free training. You can find out about the courses as well that we are putting together for this. All of that at Craig Peterson dot com slash subscribe. You're listening to me here on WGAN. You can always send questions to me -- me at Craig Peterson dot com.

Hey, welcome back, everybody, Craig Peterson online at Craig Peterson dot com and right here on WGAN. I am also putting these up on Facebook and making them available on YouTube, for those that are interested. I want to talk a little bit right now about Clearview AI. You know, again, I've said so many times that we've got to be careful with our data online. Clearview AI is this company that we talked about a few weeks ago, that has been scraping all of the information it could get online, mainly related to photographs. All of the pictures that you posted on Facebook or that you put up on any photo sharing sites, all of that stuff, Clearview scraped. Now, they have this app that allows you to take a picture, and then it will do facial recognition to find all of the places online that that picture appears. And it has been used by, it looks like, more than 2200 different organizations, many of them police departments, to track people down. So if you have a picture, even if it's not a great picture, that picture can then be put into the Clearview AI app. And it'll show you, here you go, here's where we found this guy or gal online. And even if you didn't take the picture, and you are in a photograph, it is going to show up. Clearview is going to find it. Now, Clearview AI grabbed all of these photographs online without asking permission of anyone. I don't think they asked your permission, did they? They didn't get my permission. They scraped them from Twitter, who they didn't ask permission. They scraped them from Facebook. They scraped them from all over the internet.
They ended up with billions of photographs. They logged it all along with where they found them online. That way, if the police department is looking for this person, they have a photo of them. They can put it into the Clearview AI app and can authenticate where online it was found. And then the police department just goes there and says, Oh, well, that's Mary Jane's homepage. Here's more about Mary Jane, where she lives and everything else, and now off they go to get Mary Jane. Now remember, of course, first off, these things are not 100% accurate. They could be false. There are false positives, although in many cases, they have been very successful at identifying people, and they have helped to solve some crimes, which is I guess a good thing, right. I think that's what you might want to say, okay. In a notification that The Daily Beast reviewed, Clearview AI told them that there had been an intruder that gained unauthorized access to its list of customers, and they got access to many accounts they've set up and the searches they have run. Now, this disclosure also claimed that there was no breach of Clearview AI servers and that there was no compromise of Clearview AI systems or networks. That puzzles me, makes me wonder, well, maybe they were using a cloud service, and they had it stored up there, and that's how it got stolen. It's hard to say. Clearview AI went on to say that it patched the unspecified hole that let the intruder in and that whoever it was didn't manage to get their hands on their customers' search histories. Now there's a release from a Clearview AI attorney, and his statement said that security is Clearview AI's top priority, which is total crap, right? They did everything they could to breach ethics and security of the user agreements from all of these websites from which they scraped our information. Unfortunately, data breaches, their attorney says, are part of life in the 21st century. Our servers were never accessed.
We patched the flaw and continue to work to strengthen our security. All of this is in a report on Naked Security dot com. Now, this, frankly, is very concerning to me from several different standpoints, right. First of all, Clearview AI had this massive database of facial images that they had sold to hundreds of law enforcement agencies. In many cases, it wasn't like the overall agency. It was just a police officer themself that subscribed. It may be a detective, etc. The New York Times ran a front-page article in January, saying that Clearview AI may end privacy as we know it and man, is that ever true. They have been quietly selling access to these facial images and facial recognition software to over 600 law enforcement agencies. Now with this data breach, it looks like it's more than 2200. Although we have not seen the list posted online yet, we may end up seeing it posted online. It depends on who did this and if it was a nation-state, which is entirely possible. They are trying to find out a little bit more about us or whether it was somebody else. It reminds me a lot of the founding of Facebook and why I've been against Facebook over the years, right? Facebook had a very unethical start. They stole all the photos of women going to Harvard University and then had people be able to go to their little website and rate the women, right? Rate them? Yeah, on their looks using all stolen photos. That's the allegation behind it all. It certainly seems to be true. Microsoft, that's another reason I just, I don't use the word hate very often, believe me, but I do hate Microsoft and the way they started. They unethically sued people and played games with trying to buy them by lying about the rights that they had. Bill Gates outright lying to IBM and others, back in the early days. I have a good friend of mine who says, Craig, if you didn't have any ethics, you would be one of the wealthiest people in the country.
Your ethics kept you from doing them, yet you bent over backward to help people. Companies like these need to go out of business and need to go out of business fast, it's crazy. We've got the Biometric Information Privacy Act that Clearview AI has violated. Clearview AI has also been told by Twitter, Facebook, Google, and YouTube to stop scraping. Those companies have ordered it to stop that. It is against the policies. The Times noted that there's a strong use case for Clearview AI technology finding the victims of child abuse. News. It makes a lot of sense. One retired chief of police said that running images of 21 victims of the same offender returned nine or 14 minors' identifications, the youngest of whom was 13. So where do we draw the law, the line, I should say? What should we be doing here? It goes back to the whole fruit of the poisoned tree principle that exists in the law. That you've seen on TV and in movies many times, any evidence illegally obtained can't be used nor anything that comes of that evidence. It is why some Federal investigators play games with where did you get this evidence? Russia? Did it come from Christopher Steele? Should we have something similar in this case? I think that we should, if they stole information from these companies, which they did. It's, frankly, intellectual property theft at the very least. That means it is of no use in any sort of a police case that started an investigation and any legal matters that follow. That's my opinion. I don't know what yours is. I'd love to hear from you, email me at Craig Peterson dot com. Thank God they were able to find some of these victims of child abuse. But at the same time here, we should have some rights to privacy. It may already be too late. I guess we'll know. Soon enough. Hey, when we get back, we're going to talk about Barbara Corcoran. She's the star of Shark Tank, and she just lost 400 grand in a scam. We'll tell you all about it.
You are listening to Craig Peterson on WGAN. And make sure you sign up online at Craig Peterson dot com.

Hi, everybody. Yeah, that means we're back. Craig Peterson here on WGAN. We're going to talk right now about a TV show that I have enjoyed watching over the years. There are a few shows that I watch pretty regularly. Of course, there are some sci-fi shows, we won't talk about those right now. But a couple of them are The Profit; I enjoy that show. I like the guy who is the main character on that show, and his name is Marcus Lemonis. He owns a considerable interest in Camping World, as well as GoodSam Club, and he invests in small businesses. I disagree with him almost 100% on politics, but he does try and help people out, which I think is fantastic, and he goes into these businesses that are struggling, that are trying to figure out how do we move to the next step or how do we even survive? Then he helps them out, and he frequently invests in them. When he invests, he takes a good chunk, usually enough so that he has a controlling interest, in other words 51% sort of a thing. Then he's off and running, and he helps build them into real successful companies. Now, I guess it goes back to the question of, would you rather have a small slice of a massive pie as an owner, or would you rather have 100% of a tiny pie that may end up collapsing in on itself at some point in time? That's kind of the decision these people have to face as they are talking with him and trying to figure it out. So I like that show. He had a good episode recently that I found very, very fascinating. Check that one out, The Profit. Another one that I've enjoyed over the years is Shark Tank. Now Shark Tank is, if you haven't seen it, it is a show, and there are a number of them. It's called Dragon's Den overseas. There's one in the UK. There's a Shark Tank in Canada, and there's a Shark Tank in Australia, all called slightly different things.
The idea behind Shark Tank is you go in there, you make a pitch to these investors, and the investors decide if they're going to throw some money at you. They will make a deal saying okay, I'll give you 20% for 20% of your company, I'll give you this much money, or you know, I'll bring in people to help out, but I want controlling interest or whatever it is. Well, one of the business moguls on there that's part of this whole judging team on Shark Tank just last week lost nearly $400,000. It was disclosed that the 400 grand loss came through an email scammer. Now, if she had been listening to this show, she would have known about it. She would have known what's happening. She has enough money that she kind of brushed it off. Oh well, she thinks that she'll never get the money back. And you know what? She's probably right. We've seen that happen many times, even with the FBI getting involved, most of the time that money never, ever comes back to you. According to media reports, a scammer who was posing as Barbara Corcoran's executive assistant forwarded to her bookkeeper an invoice requesting that payment. I'm looking at the email right now. Barbara released it, which is great as that way people can see what happened. It's an email; it's from Jake somebody. Sent on Friday, February 21, and addressed to Emily, carbon copy Michelle. The subject was forward Invoice 873, and it's got the name of a German company. It begins, Hello Emily. Please see the attached invoice below for payment. We are ready to proceed, and we are shipping next week. Please ensure the invoice is paid on time, shipping charges are additional. It appears like a little real invoice. It's got the due date on it, which was due on the 27th, and the amount was $388,700 and 11 cents. And it looks, as I said, kind of like a standard invoice. Dear customer. Please see the attached invoice. Wire transfers should be directed to FFH concept GmbH, address in Berlin, Germany.
Bank details include the bank name, the account name, bank address, the IBAN number, the SWIFT number. Thank you for your business, we appreciate it very much. The truth was, this email did not originate from Barbara Corcoran's executive assistant. Instead, what happened here is that the scammers created an email address that looked the same as her executive assistant's. It had one letter different in it. At first glance, it seems legitimate, yeah, this is from the Executive Assistant. You and I look at 400,000 and say, Whoa, wait a minute now. I don't even have that much. In this case, Barbara Corcoran, this was pretty normal for her. There's not only this amount because she is involved in so many real estate deals. That's how she made her money, was in real estate. She gets these invoices from these companies all over the world. It did not look that strange. All the bad guys, in this case, had to do was a little bit of research. They found out what the executive assistant's name was, they found out what the email address was. The bookkeeper did not spot this little spelling error, if you will, in the email address. When she asked questions about the purpose of the payment, all communication went straight to the scammers and not to the assistant. What did she do? She hit reply, and the response went straight to the scammers, and the scammers gave him what looked to be or gave her what appeared to be a reasonable answer, right. On Tuesday last week, seemingly satisfied by the answers she'd received by the scammers posing as Barbara Corcoran's executive assistant, the bookkeeper transferred almost $400,000 into the bank account controlled by the scammers. It was only when the bookkeeper manually CC'd Corcoran's assistant directly with confirmation that the invoice had been paid that it became clear what happened. So, again, that tells you don't respond to emails, right?
Look it up, use a contact list, use your autocomplete to try and reach out to somebody to verify it. I always go one more step further, and that is to get on the phone and confirm the transaction. Now in speaking to People magazine, Barbara Corcoran again apparently was pretty okay about the theft. She says quote, I lost the 400,000 as a result of a fake email sent to my company. It was an invoice supposedly sent by my assistant to my bookkeeper, approving the payment for real estate renovation. There was no reason to be suspicious. I invest in quite a bit of real estate. I disagree with that; there was reason to be suspicious. Anyhow, I was upset at first, but then remember, it's only money. Good for her. Frankly, she posted on Twitter about it. Lesson learned. Be careful when you wire money. She retweeted something from TMZ about her getting hooked in this scam. I'm glad she has a positive attitude about it. It's very unlikely, as I said earlier, that she'll ever recover a dime from these fraudsters because of the way the money was wired. Ninety seconds later is all it takes for the cash to be gone and out of reach. And they probably went ahead and transferred it from German banks to other banks, and it continues to move the money around. It's kind of like what happened in Eastern Europe and Ukraine, with a billion dollars in aid that we sent that ended up bouncing around between multiple companies in multiple countries to hide whose pocket it ended up in. It's just kind of crazy. It can happen to anyone, and it can happen to any of us. Every last one of us, business person or otherwise, needs to be on guard. Don't reply to emails. Always make sure you enter in the email address if it's anything that might be of concern. Remember that banks and other places are unlikely, including the IRS at tax time, to be sending you emails about some of this stuff. Just double-check and phone them, look them up online, and phone that number.
Ask a question from their help people over on their website.  Well, we've got one last segment here, and we're going to be talking about new security features from Firefox that means insecurity to you. This is Craig Peterson on WGAN, and you know, I like Firefox, right? Hey, welcome back, everybody, Craig Peterson, here on WGAN and online Craig Peterson dot com. Well, that's Peterson with an -on dot com.  Hey, thanks for joining us today. We've had a great day, we've talked about where you find a little bit of nostalgia online over at the Internet Archive. We talked about reducing the risk through data minimization. I described how ransomware became a multi-billion dollar industry. We talked about the changes that have recently happened with ransomware that will require you to make a change in what you're doing to stop becoming a victim. Then we got into how should you answer a non-technology related executive who asks you, how secure are we? How do you answer that question to your family as well? Because we are all the cavalry, right? We're the people that our friends, family, our people from church, the business people, they all come to us. So I wanted to make sure we covered that the next generation here of security metrics, how long does it take to harden your systems, and we've got a course coming up on that here in a couple of weeks and a bunch of tutorials to help you out. The company that we talked about, Clearview AI, very, very bad guys, frankly, very unethical. They just lost their entire database of Facebook buying clients to hackers. And then they brushed it off like it's no big thing. Hey, you know, everybody gets hacked nowadays. Man is talking about a company with no ethics at all. We talked about them, and then, of course, most recently, we just talked about business email compromise. We gave you a specific example here of Barbara Corcoran. She is one of the business moguls over on Shark Tank. 
How she lost almost $400,000 in a scam, and what you can do to help protect yourself. And we gave away some actual clues here precisely what the bad guys are doing to try and get that information or get us to do that, right? What kind of information are they gathering about us? Well, I want to talk about Firefox here for a few minutes, all web browser thing. And this has to do with security. And this is an article over on welivesecurity.com that made me think about what is going on with Firefox and Mozilla. Now, if you've been on any of my training courses, you know, the browser you absolutely should never use ever, ever, ever unless there is a gun to your head, and then it's okay, is Internet Explorer. It's just one of the worst browsers ever. You know, it's just terrible. It's right up there with the original browser, the NCSA Mosaic, but at least it was changing the industry. Internet Explorer was just a huge security hole. I mean crazy. The things that allowed programmers to do, and it was such an avenue for hacking. You know that right, don't ever use Microsoft's Internet Explorer. Then they came out with the Edge browser, and they had problems

The CyberWire
Refined Kitten paws at ICS. Debunking BlueKeep rumors. FBI warns Detroit of cyber threats. The UN’s long deliberation over cybercrime. Cryptowars. 5G security and a 5G czar. Ransomware updates.

Nov 21, 2019 20:10

Refined Kitten seems to be up to something, perhaps in the control system world. Microsoft debunks claims about Teams, BlueKeep, and Doppelpaymer ransomware. The FBI warns the auto industry that it’s attracting attackers’ attention. A new attack technique, RIPlace, is described. Phineas Fisher’s bounty, considered. The UN, the AG, and the course of the cryptowars. Does America need a 5G czar? And ransomware from Baton Rouge to Rouen. Michael Sechrist from BAH on third party malware risks. Guest is Bill Connor from SonicWall with results from their Q3 Threat Data Report. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/November/CyberWire_2019_11_21.html  Support our show

Hack és Lángos
HnL097 - Migiri migiri migGrinch

Nov 21, 2019 45:32

Today's menu:
  • Antenna talks about their experiences with Erste
  • Facebook's confession about a data breach
  • Facebook sues NSO Group
  • Ninja's latest tool for protecting privacy
  • LastPass's two-factor overkill
  • Ninja's tool for staying anonymous even after URL shortening
  • APT41's attacks on telcos to read other people's SMS messages
  • Trend Micro inside job, for when you need a little bonus
  • Before you share your code, review it!!!
  • The iPhone jailbreak is now truly foolproof
  • Finally, there is BlueKeep exploitation!!
Contact: Telegram, Twitter, Instagram, Mail: info@hackeslangos.show

AT&T ThreatTraq
11/15/19 Titanium; Chinese Gear; Bluekeep; Internet Weather

Nov 15, 2019 26:44

Security Nation
How to Get Your Engineering Team to Take On Security Initiatives (Without Even Realizing It)

Nov 15, 2019 28:45

In this episode of Security Nation, we chat with Oliver Day about his experience embedding security into the engineering team at a medium-sized publisher. Oliver discusses the importance of understanding other people’s roles and what matters to them, and how that helps drive security efforts. Also, join Tod for the Rapid Rundown, where he digs into the latest BlueKeep attacks in everyone’s favorite segment, “BlueKeep Watch.”

The CyberWire
NAM hacked during US-China trade tensions. DDoS against British political parties. Pemex recovers from ransomware. Project Nightingale gets US Federal scrutiny. Patch notes.

Nov 13, 2019 20:21


National Association of Manufacturers hacked during Sino-American trade negotiations (and tensions). Ineffectual DDoS attacks hit both of the UK’s largest political parties. Pemex says it’s completed recovery from ransomware. The US Department of Health and Human Services will investigate Google’s Project Nightingale for possible HIPAA issues. And did BlueKeep warnings scare people into patching? Apparently not.  Ben Yelin from UMD CHHS on California going after Facebook on alleged user privacy violations. Guest is Edward Roberts from Imperva on Ecommerce and bots.

Fil de Science
FS Hebdo podcast - November 4 to 10

Nov 13, 2019 11:45

From sea-level rise that will be much higher and faster than predicted, to the BlueKeep flaw exploited by hackers, toxic chemicals found in women's blood, and Voyager 2 unlocking secrets of interstellar space, discover the science news for the week of November 4 to 10. See Acast.com/privacy for privacy and opt-out information.

Hack Naked News (Audio)
HNN #241 - November 12, 2019

Nov 12, 2019 24:16


This week, BlueKeep freakout had little impact on patching, Experts warn of spike in TCP DDoS reflection attacks targeting Amazon and others, Nvidia patches graphics products and GeForce Experience update tool, hackers breach ZoneAlarm's forum site, and how Apple is to fix Siri bug that exposed parts of encrypted emails! In the expert commentary, we welcome Dan DeCloss, Founder and CEO of PlexTrac, to talk about Communicating Vulnerabilities!   To learn more about PlexTrac, visit: https://securityweekly.com/plextrac Show Notes: https://wiki.securityweekly.com/HNNEpisode241   Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Hack Naked News (Video)
Communicating Vulnerabilities - HNN #241

Nov 12, 2019 24:23


This week, BlueKeep freakout had little impact on patching, Experts warn of spike in TCP DDoS reflection attacks targeting Amazon and others, Nvidia patches graphics products and GeForce Experience update tool, hackers breach ZoneAlarm's forum site, and how Apple is to fix Siri bug that exposed parts of encrypted emails! In the expert commentary, we welcome Dan DeCloss, Founder and CEO of PlexTrac, to talk about the latest breaches and the importance of pentesting! Visit http://hacknaked.tv to get all the latest episodes! Show Notes: https://wiki.securityweekly.com/HNNEpisode241

Paul's Security Weekly
HNN #241 - November 12, 2019

Nov 12, 2019 24:16


This week, BlueKeep freakout had little impact on patching, Experts warn of spike in TCP DDoS reflection attacks targeting Amazon and others, Nvidia patches graphics products and GeForce Experience update tool, hackers breach ZoneAlarm's forum site, and how Apple is to fix Siri bug that exposed parts of encrypted emails! In the expert commentary, we welcome Dan DeCloss, Founder and CEO of PlexTrac, to talk about Communicating Vulnerabilities!   To learn more about PlexTrac, visit: https://securityweekly.com/plextrac Show Notes: https://wiki.securityweekly.com/HNNEpisode241   Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Microsoft Applications Diverted from Their Main Use https://isc.sans.edu/forums/diary/Microsoft+Apps+Diverted+from+Their+Main+Use/25502/
Did Bluekeep Malware Affect Patching https://isc.sans.edu/forums/diary/Did+the+recent+malicious+BlueKeep+campaign+have+any+positive+impact+when+it+comes+to+patching/25506/
Pwn2Own Summary https://www.zerodayinitiative.com/blog/2019/11/7/pwn2own-tokyo-2019-day-two-final-results
State of Javascript Framework Security https://snyk.io/wp-content/uploads/snyk-javascript_report_2019.pdf
DShield/ISC Honeypot Update https://isc.sans.edu/honeypot.html

Security In Five Podcast
Episode 621 - BlueKeep Vulnerability Exploit In The Wild, Patch Now

Nov 11, 2019 5:02


BlueKeep was announced by Microsoft and a patch was made available shortly after. This vulnerability was deemed critical by Microsoft as the exploit could propagate like a "worm" infection. Now attackers are actively exploiting BlueKeep in the wild. This episode talks about this attack and what you can do if you haven't or can't patch your systems. Be aware, be safe. Sign-Up For FREE security awareness training here. Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five Don't forget to subscribe to the Security In Five Newsletter. —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

The Shared Security Show
Facebook Data Leaks, Smart Speaker Laser Attack, BlueKeep in the Wild

Nov 11, 2019 11:03


You’re listening to the Shared Security Podcast, exploring the trust you put in people, apps, and technology…with your host, Tom Eston. In episode 94 for November 11th 2019: Facebook’s Group API data leak and 7,000 pages of leaked Facebook documents, lasers that can control your smart speakers, and details about the BlueKeep vulnerability now being […] The post Facebook Data Leaks, Smart Speaker Laser Attack, BlueKeep in the Wild appeared first on The Shared Security Show.

Dentro del HOST
PacoLeaks and Hacking with Laser Light | Episode 1

Nov 9, 2019 50:51

In this episode of our show "Detrás del HOST": 1. A major leak from the electronic documentation platform of Carabineros de Chile, exposing sensitive information, and the statements on the reason for this hack; 2. A major IT firm in Spain has fallen victim to ransomware targeted at it, which may also affect other firms in Spain and Europe; 3. BlueKeep gains prominence in the cybersecurity world after suspicions of the first amateur attempt to build an exploit; 4. Facebook in trouble again: user information from the social network is leaked through its application developers; 5. Have you ever thought that with a simple laser you could hack devices that have a microphone? Well, this is now possible. The future is today, you hear, old man?

Segurança Legal
Episode #220 – News Roundup

Nov 8, 2019 44:09

In this edition: WhatsApp's lawsuit against NSO, a ransomware attack in Spain, the BlueKeep vulnerability becomes public, more data leaks, the postponement of the LGPD, among other news. Help Segurança

ProactiveIT
ProactiveIT Ep 3 SRA Myths, Law Firm Data Retention & BlueKeep

Nov 8, 2019 46:22


This is Episode 3 of the ProactiveIT Podcast.  On the ProactiveIT podcast we discuss the latest in technology news, Cyber Security, and compliance. In this episode we discuss recent Cyber... The post ProactiveIT Ep 3 SRA Myths, Law Firm Data Retention & BlueKeep appeared first on Nwaj Tech - Information Tech & Cloud Support.

The CyberWire
Warnings about Emotet and BlueKeep. Crooks test their stolen cards before the holiday shopping season. Amazon fixes Ring. Chinese security gear allegedly sold as made-in-USA.

Nov 8, 2019 24:22

Warnings and advice about Emotet and BlueKeep, both being actively used or exploited in the wild. Two new carding bots are in circulation against e-commerce sites. Expect more of this as criminals test stolen credentials in advance of the holiday shopping season. Amazon fixes a security flaw in its Ring doorbell. A Long Island company is charged with selling bad Chinese security systems as good made-in-USA articles. Michael Sechrist from BAH on preventing supply chain attacks. Guest is Andy Greenberg, senior writer at Wired and author of the book Sandworm — A new era of cyberwar and the hunt for the Kremlin’s most dangerous hackers. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/November/CyberWire_2019_11_08.html  Support our show

ShadowTalk by Digital Shadows
BlueKeep Attacks, Megacortex Ransomware, and Web.com Breach

Nov 8, 2019 20:52


This week the London team looks at the following stories: - BlueKeep Exploit Could Rapidly Spread - Megacortex Ransomware Changes Windows Passwords - Japanese Media Company Nikkei - $29 million lost to BEC scam - Web.com Breach - 21 million employee accounts for Fortune 500 companies offered on the dark web Get the full intelligence summary at https://resources.digitalshadows.com/weekly-intelligence-summary ***Resources from this week*** https://www.bleepingcomputer.com/news/security/new-megacortex-ransomware-changes-windows-passwords-threatens-to-publish-data/ https://www.cyberscoop.com/nikkei-email-scam-bec-29-million/ https://krebsonsecurity.com/2019/10/breaches-at-networksolutions-register-com-and-web-com/

Symantec Cyber Security Brief Podcast
Lasers, Bluekeep, and BEC scammers continue to cash in

Nov 7, 2019 23:08


On this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss the biggest cyber security news stories of the week. On this episode, we chat about how lasers could be used to hack your voice-controlled devices – including your phone, the Bluekeep attacks that have been spotted in the wild, and the ongoing repercussions surrounding the WhatsApp zero-day that was discovered in May. Also, BEC scammers cash in, the QSnatch malware hits thousands of NAS devices, and a new vulnerability in Microsoft Office for Mac.

FortiGuard Threat Intelligence Podcast
#26 - BlueKeep RDP exploit, Targeted ransomware, and laser pointers attack!

Nov 6, 2019 10:55

  • BlueKeep RDP Exploit in the wild
  • Targeted ransomware against Spanish companies
  • Laser pointer attacks against Google Home and Amazon Echo and Apple Siri

Sophos Podcasts
S2 Ep16 - BlueKeep's back, ransomware batters Spain, and yet more sextortion

Nov 6, 2019 48:49

Mass ransomware hit Spain earlier this week, BlueKeep's back and there's yet another twist in the sextortion saga. Sophos experts Mark Stockley, Peter Mackenzie and Paul Ducklin join Producer Alice Duckett this week to discuss. We also have a brand new Naked Security YouTube channel; subscribe here: https://www.youtube.com/channel/UCuTRp4eg7vwZFYMzHP4KDlA?view_as=subscriber Listen now!

Related articles:
RDP BlueKeep exploit shows why you really, really need to patch: https://nakedsecurity.sophos.com/rdp-bluekeep-exploit-shows-why-you-really-really-need-to-patch/
Ransomware attacks in Spain leave radio station in “hysteria”: https://nakedsecurity.sophos.com/spanish-ransomware-hits-two-companies/
Sextortion scammers are hijacking blogs – and victims are paying up: https://nakedsecurity.sophos.com/sextortion-scammers-are-hijacking-blog-sites/

Chill Chill Security
EP99: Bluekeep is now being used in malware

Nov 6, 2019 5:01


Music by https://www.bensound.com/ --- Support this podcast: https://anchor.fm/chillchillsecurity/support

SecurNoia
Episode 6 - How to hack Alexa, Siri, and Google Home, plus we talk about ransomware and BlueKeep

Nov 5, 2019 22:01

Hello! This time we talk about what researchers have been up to lately, gradually going crazy with techniques such as laser attacks, as well as a reminder that we must protect ourselves from ransomware. Finally, if you have Windows, keep your eyes wide open for BlueKeep!

Day[0] - Zero Days for Day Zero
A Bit of everything: 0days, Breaches, Lawsuits, Attacking AI, and some insecure

Nov 5, 2019 94:06

Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST), or the video archive on YouTube (@DAY[0])

[00:05:23] Apple v. Corellium
[00:12:04] Firefox to Discontinue Sideloaded Extensions
[00:16:52] Delegated Credentials for TLS
[00:23:02] North Korean Malware Found on Indian Nuclear Plant's Network
[00:28:20] The Pirate Bay Downtime Caused by Malicious Search Queries
[00:29:30] Web.com Breach (allegedly includes NetworkSolutions.com and Register.com)
[00:32:28] BlueKeep attacks are happening, but it's not a worm https://www.kryptoslogic.com/blog/2019/11/bluekeep-cve-2019-0708-exploitation-spotted-in-the-wild/
[00:36:13] Untitled Goose Game - Insecure Deserialization
[00:39:58] Two Chrome 0Days get Patched
[00:42:45] NFC Beaming Bypasses Security Controls in Android [CVE-2019-2114]
[00:45:43] Abusing HTTP Hop-by-hop Request Headers
[00:50:54] Let's Make Windows Defender Angry: Antivirus Can be an Oracle! -icchy https://en.wikipedia.org/wiki/EICAR_test_file
[00:56:54] rConfig v3.9.2 authenticated and unauthenticated RCE (CVE-2019-16663) and (CVE-2019-16662)
[01:02:26] Making an Invisibility Cloak: Real World Adversarial Attacks on Object Detectors
[01:07:26] Silhouette: Efficient Intra-Address Space Isolation for Protected Shadow Stacks on Embedded Systems
[01:19:46] unfork(2)
[01:23:51] Destroying x86_64 instruction decoders with differential fuzzing https://github.com/zyantific/zydis

Hack Naked News (Video)
November 5, 2019 - HNN #240

Nov 5, 2019 22:41

This week, aggressive IoT malware that's forcing Wi-Fi routers to join its botnet army, Google discloses Chrome Zero-Day exploited in the wild on Halloween, the first Bluekeep exploit found in the wild, and PoC Exploits Published for Unpatched RCE Bugs in rConfig! In the expert commentary, we welcome Sean O'Brien, Founder and CEO of PrivacySafe, to talk about Siri, Alexa, and Google Assistant hacked via Laser Beam! To learn more about PrivacySafe, visit: https://securityweekly.com/privacysafe Visit http://hacknaked.tv to get all the latest episodes! Show Notes: https://wiki.securityweekly.com/HNNEpisode240

Paul's Security Weekly
HNN #240 - November 5, 2019

Nov 5, 2019 22:39

This week, aggressive IoT malware that's forcing Wi-Fi routers to join its botnet army, Google discloses Chrome Zero-Day exploited in the wild on Halloween, the first Bluekeep exploit found in the wild, and PoC Exploits Published for Unpatched RCE Bugs in rConfig! In the expert commentary, we welcome Sean O'Brien, Founder, and CEO of PrivacySafe, to talk about Siri, Alexa, and Google Assistant hacked via Laser Beam!   Show Notes: https://wiki.securityweekly.com/HNNEpisode240 To learn more about PrivacySafe, visit: https://securityweekly.com/privacysafe   Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Hack Naked News (Audio)
HNN #240 - November 5, 2019

Nov 5, 2019 22:39

This week, aggressive IoT malware that's forcing Wi-Fi routers to join its botnet army, Google discloses Chrome Zero-Day exploited in the wild on Halloween, the first Bluekeep exploit found in the wild, and PoC Exploits Published for Unpatched RCE Bugs in rConfig! In the expert commentary, we welcome Sean O'Brien, Founder, and CEO of PrivacySafe, to talk about Siri, Alexa, and Google Assistant hacked via Laser Beam!   Show Notes: https://wiki.securityweekly.com/HNNEpisode240 To learn more about PrivacySafe, visit: https://securityweekly.com/privacysafe   Visit https://www.securityweekly.com/hnn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Threat Wire
BlueKeep Attacks Surfacing; Persistent Malware on Android - ThreatWire

Nov 5, 2019 9:01

A hacking group was actively stealing SMS messages, BlueKeep updates, and persistent malware hits android users! All that coming up now on ThreatWire. #threatwire #hak5

Support me on alternative platforms! https://snubsie.com/support
https://www.youtube.com/shannonmorse -- subscribe to my new channel!
ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire

Links:

Hacking Telecom
https://thehackernews.com/2019/10/sms-spying-malware.html
https://arstechnica.com/information-technology/2019/10/researchers-unearth-malware-that-siphoned-sms-texts-out-of-telcos-network/
https://threatpost.com/china-hackers-spy-texts-messagetap-malware/149761/
https://www.zdnet.com/article/chinese-hackers-developed-malware-to-steal-sms-messages-from-telcos-network/
https://www.cyberscoop.com/chinese-hacking-group-breached-telecom-monitor-targets-texts-phone-metadata/
https://content.fireeye.com/apt-41/rpt-apt41/

BlueKeep
https://www.wired.com/story/microsoft-bluekeep-patched-too-slow/
https://threatpost.com/bluekeep-attacks-have-arrived-are-initially-underwhelming/149829/
https://www.zdnet.com/article/bluekeep-attacks-are-happening-but-its-not-a-worm/
https://thehackernews.com/2019/11/bluekeep-rdp-vulnerability.html
https://www.wired.com/story/bluekeep-hacking-cryptocurrency-mining/

Patreon choice: 45k Androids infected w/ malware
https://www.symantec.com/blogs/threat-intelligence/xhelper-android-malware
https://blog.malwarebytes.com/android/2019/08/mobile-menace-monday-android-trojan-raises-xhelper/
https://thehackernews.com/2019/10/remove-xhelper-android-malware.html
https://threatpost.com/android-malware-45k-devices-mystery/149654/

Photo credit:
https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/weaponized-bluekeep-exploit-released-showcase_image-1-a-13051.jpg

Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999
Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix

WIRED Security: News, Advice, and More
The First BlueKeep Mass Hacking Is Finally Here—but Don't Panic

Nov 4, 2019 5:24


When Microsoft revealed last May that millions of Windows devices had a serious hackable flaw known as BlueKeep—one that could enable an automated worm to spread malware from computer to computer—it seemed only a matter of time before someone unleashed a global attack. As predicted, a BlueKeep campaign has finally struck. But so far it's fallen short of the worst case scenario.

Brakeing Down Security Podcast
2019-039-bluekeep_weaponized-npm_security_cracks-grrcon_report

Nov 4, 2019 53:42


Grrcon update   2019-039-  bluekeep Weaponized… and more   Bluekeep weaponized https://www.bleepingcomputer.com/news/security/bluekeep-remote-code-execution-bug-in-rdp-exploited-en-masse/ https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708 https://www.microsoft.com/security/blog/2019/08/08/protect-against-bluekeep/    https://www.wired.com/story/bluekeep-hacking-cryptocurrency-mining   NordVPN hacked: https://arstechnica.com/information-technology/2019/11/nordvpn-users-passwords-exposed-in-mass-credential-stuffing-attacks/   Null sessions and how to avoid them:https://www.dummies.com/programming/networking/null-session-attacks-and-how-to-avoid-them/ https://social.technet.microsoft.com/Forums/en-US/2acdfb53-edee-444e-9ffa-25dcebcd9181/smb-null-sessions   Linux has a marketing problem: https://hackaday.com/2019/10/31/linuxs-marketing-problem/   20 accounts could pwn majority of NPM   https://www.zdnet.com/article/hacking-20-high-profile-dev-accounts-could-compromise-half-of-the-npm-ecosystem/    Chrome 0day   https://thehackernews.com/2019/11/chrome-zero-day-update.html   India Nuclear plant is hacked https://arstechnica.com/information-technology/2019/10/indian-nuclear-power-company-confirms-north-korean-malware-attack/   High Tea Security Podcast:  https://www.podcasts.com/high-tea-security-190182dc8   https://TAGNW.org - Bryan Panel and talking about networking   Securewv.org - Training - https://www.eventbrite.com/e/security-dd-tickets-79219348203  Bsides Fredericton - https://www.eventbrite.ca/e/security-bsides-fredericton-2019-tickets-59449704667      Check out our Store on Teepub! https://brakesec.com/store Join us on our #Slack Channel! 
Send a request to @brakesec on Twitter or email bds.podcast@gmail.com #Brakesec Store!:https://www.teepublic.com/user/bdspodcast #Spotify: https://brakesec.com/spotifyBDS #RSS: https://brakesec.com/BrakesecRSS #Youtube Channel:  http://www.youtube.com/c/BDSPodcast #iTunes Store Link: https://brakesec.com/BDSiTunes #Google Play Store: https://brakesec.com/BDS-GooglePlay Our main site:  https://brakesec.com/bdswebsite #iHeartRadio App:  https://brakesec.com/iHeartBrakesec #SoundCloud: https://brakesec.com/SoundcloudBrakesec Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon https://brakesec.com/BDSPatreon #Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir #Player.FM : https://brakesec.com/BDS-PlayerFM #Stitcher Network: https://brakesec.com/BrakeSecStitcher #TuneIn Radio App: https://brakesec.com/TuneInBrakesec

The CyberWire
BlueKeep is exploited for cryptojacking. Ransomware hits Canadian provincial government. Pegasus lands in India. Magecart, GandCrab updates. US Cyber Command deploys to Montenegro.

Nov 4, 2019 15:21

BlueKeep is being exploited in the wild, not too seriously, yet, but you should still patch. Nunavut’s government is recovering from a ransomware attack it sustained Saturday morning. The NSO Group controversy spreads into an Indian political dust-up. Different Magecart groups are found to be independently hitting the same victims. GandCrab provided a new template for the cyber underworld. And US Cyber Command deploys to Montenegro. Joe Carrigan with thoughts on the Coalfire pentesters criminal case. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/November/CyberWire_2019_11_04.html  Support our show

Cyberiada
Cyberiada #2: Morele and the first UODO fine, the Capital One leak, and Black Hat 2019

Oct 9, 2019 46:08

Morele.net
A detailed description of the Morele.net case by Piotrek Konieczny can be found here. Maciej Kawecki's statement, along with my commentary, can be read here.

Capital One
The official FBI case files are available here. Krebs described this case well on his blog; the post is available here.

Other
The keynote by Dino Dai Zovi, including Jeff Moss's full remarks, can be found here. The list of this year's Pwnie Award winners can be found here. The publicly available BlueKeep exploit is described here.

Security Nation
How MITRE and the Department of Homeland Security Collaborate to Validate Vulns

Sep 27, 2019 34:03

Security Nation returns this week with a new episode that's all about collaboration. We are joined by Katie Trimble of the Department of Homeland Security and Chris Coffin of MITRE for a discussion about their contribution to the CVE Project. The two talk about how they got their start in their respective organizations, why the CVE Project is so important for security professionals, challenges they've faced to get this project off the ground and optimize their operations, and how others can pitch in as a CVE Numbering Authority (CNA).  You'll also hear from Tod in our Rapid Rundown, where he compares and contrasts the InfoSec world's response to the vBulletin and Internet Explorer zero-days this past week, and (as usual) brings you the latest in our BlueKeep Watch.

7 Minute Security
7MS #382: Tales of Internal Network Pentest Pwnage - Part 9

Sep 24, 2019 34:22

Today's episode is brought to you by ITProTV. It’s never too late to start a new career in IT or move up the ladder, and ITProTV has you covered - from CompTIA and Cisco to EC-Council and VMWare. Get over 65 hours of IT training for free by visiting https://itpro.tv/7minute.

Today's episode is about a pentest that was pretty unique for me. I got to ride shotgun and kind of be in the shadows while helping another team pwn a network. This was an especially interesting one because the client had a lot of great security defenses in place, including:
  • Strong user passwords
  • A SIEM solution that appeared to be doing a great job

We did some looking for pwnage opportunities such as:
  • Systems missing EternalBlue patch
  • Systems missing BlueKeep patch

What got us a foot in the door was the lack of SMB signing. Check this gist to see how you can use RunFinger.py to find hosts without SMB signing, then use Impacket and Responder to listen for - and pass - high-priv hashes.

Side note: I'm working on getting a practical pentesting gist together in the vein of Penetration Testing: A Hands-On Introduction to Hacking and Hacker Playbook.

Technado from ITProTV
The Technado, Episode 117: Trapezoid’s Robert Rounsavall

Sep 16, 2019 57:49


Robert Rounsavall from Trapezoid joins to talk about the importance of firmware security. Peter, Don, and Justin also break down a strange effect the new iPhone is having on people, as well as the release of the BlueKeep exploit from Metasploit.

WIRED Security: News, Advice, and More
8/15/19 AM - DejaBlue: New BlueKeep-Style Bugs Mean You Need to Update Windows Now

Aug 15, 2019 5:29


SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

• VLC not Vulnerable to libebml Vulnerability https://threader.app/thread/1153963312981389312
• Cryptominer With BlueKeep Scanner https://www.intezer.com/blog-watching-the-watchbog-new-bluekeep-scanner-and-linux-exploits/
• Elasticsearch Vulnerabilities used to install DDoS Bot https://blog.trendmicro.com/trendlabs-security-intelligence/multistage-attack-delivers-billgates-setag-backdoor-can-turn-elasticsearch-databases-into-ddos-botnet-zombies/
• May People Be Considered As IOC? https://isc.sans.edu/forums/diary/May+People+Be+Considered+as+IOC/25166/

WIRED Security: News, Advice, and More
Why Microsoft's BlueKeep Bug Hasn't Wreaked Havoc—Yet

Jul 22, 2019 8:35


When news appeared in May of the security vulnerability in Windows that would come to be known as BlueKeep, security researchers almost immediately cautioned that the flaw looked like the central ingredient for a destructive worm sure to rampage through the internet. Microsoft issued a series of stark warnings to patch the flaw, which persisted in roughly a million computers. Even the NSA took the rare step of noting the bug's severity.

Check Point CheckMates Cyber Security Podcast

Joining Oded Awaskar in this episode are Tim Otis and Ray Schippers from the Check Point Incident Response team. In this episode, we deep dive into CVE-2019-0708 dubbed “BlueKeep”, which was disclosed in the May 2019 “Patch Tuesday” of Microsoft. We will share with you background on this vulnerability and reveal the “behind the scenes” of a security company when such a vulnerability is disclosed. The episode concludes with recommendations on how to secure your environment from BlueKeep and similar vulnerabilities.

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

• SSH Will Start Encrypting Secret Keys in Memory https://marc.info/?l=openbsd-cvs&m=156109087822676&w=2
• Bluekeep Patchrate at 83.4% https://twitter.com/RavivTamir/status/1141788586922119168
• Android ADB/SSH Botnet https://www.bleepingcomputer.com/news/security/botnet-uses-ssh-and-adb-to-create-android-cryptomining-army/

WIRED Security: News, Advice, and More
With a Worm Looming, the BlueKeep Bug Isn't Getting Patched Fast Enough

Jun 3, 2019 7:12


Two weeks have passed since Microsoft warned users about a critical vulnerability in a common Windows protocol that could enable a hacker to remotely take over machines without even a click from their owners, potentially allowing an infectious worm to rip through millions of PCs. That bug might be fading from the headlines, but it still lingers in at least 900,000 computers.

The Daily Crunch – Spoken Edition
Microsoft warns users to patch as exploits for ‘wormable' BlueKeep bug appear

Jun 3, 2019 3:58


Microsoft has issued its second advisory this month urging users to update their systems to prevent a re-run of attacks similar to WannaCry. The software giant said Thursday that the recently discovered “wormable” vulnerability in Remote Desktop Services for Windows can allow attackers to remotely run code on a vulnerable computer — such as malware or ransomware.

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

• Office Document And Base64 Encoded PowerShell Script https://isc.sans.edu/forums/diary/Office+Document+BASE64+PowerShell/24976/ https://0xdf.gitlab.io/2019/05/21/malware-analysis-unnamed-emotet-doc.html
• Enumeration of BlueKeep Vulnerable Hosts https://blog.erratasec.com/2019/05/almost-one-million-vulnerable-to.html
• DHCP Client Vulnerability Analysis https://sensepost.com/blog/2019/analysis-of-a-1day-cve-2019-0547-and-discovery-of-a-forgotten-condition-in-the-patch-cve-2019-0726-part-1-of-2/
• Office File Deleting Phishing Emails https://www.bleepingcomputer.com/news/security/phishing-emails-pretend-to-be-office-365-file-deletion-alerts/

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

• An Update on the Microsoft Windows RDP BlueKeep Vulnerability https://isc.sans.edu/forums/diary/An+Update+on+the+Microsoft+Windows+RDP+Bluekeep+Vulnerability+CVE20190708+now+with+pcaps/24960/
• New Zero Day Exploits by SandboxEscaper https://github.com/SandboxEscaper/polarbearrepo
• Signed Exploit Code https://medium.com/@chroniclesec/abusing-code-signing-for-profit-ef80a37b50f4

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

• Setting Up Shodan Monitoring https://isc.sans.edu/forums/diary/Using+Shodan+Monitoring/24956/
• Fingerprinting Smartphones With Gyroscope Data https://sensorid.cl.cam.ac.uk/
• 20% of Linux Docker Containers Without Password https://www.kennasecurity.com/20-of-the-1000-most-popular-docker-containers-have-no-root-password/
• RDP #bluekeep Signature For Snort/Suricata https://github.com/nccgroup/Cyber-Defence/blob/master/Signatures/suricata/2019_05_rdp_cve_2019_0708.txt

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

• MSFT RDP Vulnerability (#BlueKeep) Update https://twitter.com/search?q=%23bluekeep
• Sharepoint Exploited https://isc.sans.edu/forums/diary/CVE20190604+Attack/24952/
• Risks of JWT https://snikt.net/blog/2019/05/16/jwt-signature-vs-mac-attacks/
• MuddyWater Campaign Evolves https://blog.talosintelligence.com/2019/05/recent-muddywater-associated-blackwater.html